Discourse 2.8.14 and 3.0.0.beta16 expose user post count via /u/username.json
Reporter | Title | Published | Views | Family All 7 |
---|---|---|---|---|
![]() | BIT-discourse-2023-22453 | 6 Mar 202411:02 | – | osv |
![]() | CVE-2023-22453 | 5 Jan 202320:15 | – | osv |
![]() | CVE-2023-22453 Discourse vulnerable to exposure of user post counts per topic to unauthorized users | 5 Jan 202319:53 | – | cvelist |
![]() | CVE-2023-22453 | 5 Jan 202320:15 | – | nvd |
![]() | Design/Logic Flaw | 5 Jan 202320:15 | – | prion |
![]() | Discourse < 3.0.0.beta16 Multiple Vulnerabilities | 6 Jan 202300:00 | – | openvas |
![]() | Discourse < 2.8.14 Multiple Vulnerability | 5 Dec 202200:00 | – | openvas |
[
{
"vendor": "discourse",
"product": "discourse",
"versions": [
{
"version": "< 2.8.14",
"status": "affected"
},
{
"version": ">= 2.9.0.beta0, < 3.0.0.beta16",
"status": "affected"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo