CVE-2022-39241

Discourse is a platform for community discussion. A malicious admin could use this vulnerability to perform port enumeration on the local host or other hosts on the internal network, as well as against hosts on the Internet. Latest stable, beta, and test-passed versions are now patched. As a...

Discourse < 2.8.10 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...

CVE-2022-39241

creationtimestamp| type| source ---|---|--- 2022-11-02 19:19:50+00:00| seen| https://t.me/cibsecurity/52485...

CVE-2022-39241

CVE-2022-39241 affects Discourse and is described across multiple sources as a vulnerability in webhooks that could enable a malicious admin to perform port enumeration on local/internal hosts or external hosts. The OSV entry frames it as a Possible Server-Side Request Forgery (SSRF) in webhooks,...

CVE-2022-39241 Possible Server-Side Request Forgery (SSRF) in webhooks

Discourse is a platform for community discussion. A malicious admin could use this vulnerability to perform port enumeration on the local host or other hosts on the internal network, as well as against hosts on the Internet. Latest stable, beta, and test-passed versions are now patched. As a...