Vulners
Lucene search
CVE-2023-45131
๐๏ธย 16 Oct 2023ย 21:24:10Reported byย GitHub_MTypeย 
ย cve๐ย web.nvd.nist.gov๐ย 108ย Views๐ WEB
| Reporter | Title | Published | Views | Family All 15 |
|---|---|---|---|---|
 | CVE-2023-45131 | 17 Oct 202302:32 | โ | circl |
 | Discourse Information Disclosure Vulnerability | 16 Oct 202300:00 | โ | cnnvd |
 | CVE-2023-45131 Unauthenticated access to new private chat messages in Discourse | 16 Oct 202321:24 | โ | cvelist |
 | Discourse 3.1.1 - Unauthenticated Chat Message Access | 22 Jul 202500:00 | โ | exploitdb |
 | EUVD-2023-49450 | 3 Oct 202520:07 | โ | euvd |
 | CVE-2023-45131 | 16 Oct 202322:15 | โ | nvd |
 | Discourse 3.1.x <= 3.1.1, 3.2.0.beta1 Unauthorized Access Vulnerability | 23 Oct 202300:00 | โ | openvas |
 | BIT-2023-45131 | 20 Oct 202306:16 | โ | osv |
| BIT-DISCOURSE-2023-45131 Unauthenticated access to new private chat messages in Discourse | 6 Mar 202410:53 | โ | osv |
| CVE-2023-45131 Unauthenticated access to new private chat messages in Discourse | 16 Oct 202321:24 | โ | osv |
10
[
{
"vendor": "discourse",
"product": "discourse",
"versions": [
{
"version": " stable < 3.1.2",
"status": "affected"
},
{
"version": "beta < 3.2.0.beta2",
"status": "affected"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| /chat/new-messages | request body | /message-bus/poll | Test via POST to subscribe to chat channels and monitor channels | CWE-200 |
| /chat/channel-status | request body | /message-bus/poll | Test via POST to subscribe to chat channels and monitor channels | CWE-200 |
| /chat/user-tracking | request body | /message-bus/poll | Test via POST to subscribe to chat channels and monitor channels | CWE-200 |
| clientId | request body | /message-bus/poll | Test via POST to subscribe to chat channels and monitor channels | CWE-200 |
| /private-messages | request body | /message-bus/poll | Test private message access via MessageBus subscription | CWE-200 |
| /chat/private | request body | /message-bus/poll | Test private message access via MessageBus subscription | CWE-200 |
| /notification | request body | /message-bus/poll | Test private message access via MessageBus subscription | CWE-200 |
| clientId | request body | /message-bus/poll | Test private message access via MessageBus subscription | CWE-200 |
Data
Build on a solid foundation withย Vulners data
Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data
Api
Power your application withย Vulners API
The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access
App
Assess and manage vulnerabilities withย Vulnersย tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2026 06:28Current
7.4High risk
Vulners AI Score7.4
CVSS 3.17.5
EPSS0.01814
SSVC