Discourse Reactions Security Vulnerabilities
Discourse-reactions is a plugin that allows user to add their reactions to the post. When whispers are enabled on a site via whispers_allowed_groups and reactions are made on whispers on public topics, the contents of the whisper and the reaction data are shown on the...
4.3CVSS
4.6AI Score
0.0004EPSS
Discourse-reactions is a plugin that allows user to add their reactions to the post. Data about a user's reaction notifications could be exposed. This vulnerability was patched in commit...
3.5CVSS
4AI Score
0.0004EPSS
Discourse-reactions is a plugin that allows user to add their reactions to the post in the Discourse messaging platform. In affected versions data about what reactions were performed on a post in a private topic could be leaked. This issue has been addressed in version 0.3. Users are advised to...
5.3CVSS
5.2AI Score
0.001EPSS
Discourse-reactions is a plugin for the Discourse platform that allows user to add their reactions to the post. In affected versions reactions given by user to secure topics and private messages are visible. This issue is patched in version 0.2 of discourse-reaction. Users who are unable to update....
5.3CVSS
5.1AI Score
0.001EPSS