Discourse Information Disclosure Vulnerability (CNVD-2024-20430)

2024-04-1700:00:00

China National Vulnerability Database

www.cnvd.org.cn

discourse

information disclosure

open source

community

chat rooms

sensitive information

vulnerability

attacker exploit

4.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Discourse is an open source community discussion platform. The platform includes features such as community, email and chat rooms. An information disclosure vulnerability exists in Discourse-reactions, which stems from the application’s inadequate protection of sensitive information and can be exploited by an attacker to obtain sensitive information.