6 matches found
CVE-2021-32788
Discourse is an open source discussion platform. In versions prior to 2.7.7 there are two bugs which led to the post creator of a whisper post being revealed to non-staff users. 1: Staff users that creates a whisper post in a personal message is revealed to non-staff participants of the personal...
Discourse 2.7.7 Security Update
A new Discourse update includes two security fixes. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse";...
Discourse 2.8.0.beta4 Security Update
A new Discourse update includes two security fixes. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse";...
CVE-2021-32788
creationtimestamp| type| source ---|---|--- 2021-07-28 02:12:46+00:00| seen| https://t.me/cibsecurity/26550...
CVE-2021-32788
Discourse prior to version 2.7.7 contains two security bugs where the post creator of a whisper post can be revealed to non-staff users. 1) A staff member who creates a whisper post in a personal message could be exposed to non-staff participants even though the post is hidden from them. 2) If a ...
CVE-2021-32788 Post creator of a whisper post can be revealed to non-staff users in Discourse
Discourse is an open source discussion platform. In versions prior to 2.7.7 there are two bugs which led to the post creator of a whisper post being revealed to non-staff users. 1: Staff users that creates a whisper post in a personal message is revealed to non-staff participants of the personal...