5 matches found
CVE-2024-26145
creationtimestamp| type| source ---|---|--- 2024-02-21 19:22:03+00:00| seen| https://t.me/ctinow/189975 2024-02-21 19:26:38+00:00| seen| https://t.me/ctinow/189988 2024-03-13 10:12:06+00:00| seen| https://t.me/ctinow/206519 2025-02-06 02:44:20+00:00| seen|...
CVE-2024-26145
Discourse Calendar adds the ability to create a dynamic calendar in the first post of a topic on Discourse. Uninvited users are able to gain access to private events by crafting a request to update their attendance. This problem is resolved in commit dfc4fa15f340189f177a1d1ab2cc94ffed3c1190. As a...
CVE-2024-26145 Uninvited user is able to join and mark the attendance of the the private event
Discourse Calendar adds the ability to create a dynamic calendar in the first post of a topic on Discourse. Uninvited users are able to gain access to private events by crafting a request to update their attendance. This problem is resolved in commit dfc4fa15f340189f177a1d1ab2cc94ffed3c1190. As a...
CVE-2024-26145 Uninvited user is able to join and mark the attendance of the the private event
Discourse Calendar adds the ability to create a dynamic calendar in the first post of a topic on Discourse. Uninvited users are able to gain access to private events by crafting a request to update their attendance. This problem is resolved in commit dfc4fa15f340189f177a1d1ab2cc94ffed3c1190. As a...
CVE-2024-26145
CVE-2024-26145 relates to the Discourse Calendar feature. The vulnerability allows uninvited users to gain access to private events by crafting a request to update their attendance within the dynamic calendar in the first post of a topic. The underlying issue is resolved by the commit dfc4fa15f34...