2 matches found
CVE-2024-23834
creationtimestamp| type| source ---|---|--- 2024-01-30 23:26:28+00:00| seen| https://t.me/ctinow/176346 2024-02-22 11:37:05+00:00| seen| https://t.me/ctinow/190643...
CVE-2024-23834
Discourse (open-source discussion platform) has an XSS vulnerability when user input is not properly sanitized and Content Security Policy is disabled. The issue affects instances where CSP is not enabled and allows unsafe-inline; it is fixed in Discourse 3.1.5 and 3.2.0.beta5. To remediate, enab...