Mattermost: >> Mattermost Server >> 7.4.1 Security Vulnerabilities
Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the "Regenerate Invite Id" API endpoint, allowing an attacker with team admin privileges to learn the team owner's email address in the response.
CVSS Score
2.7
EPSS Score
0.005
Published
2023-02-27
Page 5