CVE-2023-45131 Unauthenticated access to new private chat messages in Discourse

🗓️ 16 Oct 2023 21:24:10Reported by GitHub_MType

Unauthenticated access to new private chat messages in Discourse platfor

Reporter	Title	Published	Views	Family All 15
Circl	CVE-2023-45131	17 Oct 202302:32	–	circl
CNNVD	Discourse Information Disclosure Vulnerability	16 Oct 202300:00	–	cnnvd
CVE	CVE-2023-45131	16 Oct 202321:24	–	cve
Exploit DB	Discourse 3.1.1 - Unauthenticated Chat Message Access	22 Jul 202500:00	–	exploitdb
EUVD	EUVD-2023-49450	3 Oct 202520:07	–	euvd
NVD	CVE-2023-45131	16 Oct 202322:15	–	nvd
OpenVAS	Discourse 3.1.x <= 3.1.1, 3.2.0.beta1 Unauthorized Access Vulnerability	23 Oct 202300:00	–	openvas
OSV	BIT-2023-45131	20 Oct 202306:16	–	osv
OSV	BIT-DISCOURSE-2023-45131 Unauthenticated access to new private chat messages in Discourse	6 Mar 202410:53	–	osv
OSV	CVE-2023-45131 Unauthenticated access to new private chat messages in Discourse	16 Oct 202321:24	–	osv

[
  {
    "vendor": "discourse",
    "product": "discourse",
    "versions": [
      {
        "version": " stable < 3.1.2",
        "status": "affected"
      },
      {
        "version": "beta < 3.2.0.beta2",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/discourse/discourse/security/advisories/GHSA-84gf-hhrc-9pw6

16 Oct 2023 21:24Current

7.6High risk

Vulners AI Score7.6

CVSS 3.17.5

EPSS0.07392

CWE-200