Discourse is an open source community discussion platform. The platform includes community, email, and chat room features.A security vulnerability exists in versions of Discourse prior to 2.8.14. The vulnerability stems from the fact that recipients of group SMTP emails can see the email addresses of all other users in the group SMTP thread. An attacker could exploit this vulnerability to obtain the email addresses of other users.
CPE | Name | Operator | Version |
---|---|---|---|
discourse discourse | lt | 2.8.14 |