LinkAce 访问控制错误漏洞

LinkAce is a self-hosted archive of links to your favorite websites by Kevin Woblick Individual Developer. An access control error vulnerability exists in LinkAce 2.3.1 and prior versions that stems from an authenticated RSS feed endpoint in the FeedController class that does not implement proper...

CVE-2024-56197 Users can see other user's tagged PMs in Discourse

Discourse is an open source platform for community discussion. PM titles and metadata can be read by other users when the "PM tags allowed for groups" option is enabled, the other user is a member of a group added to this option, and the PM has been tagged. This issue has been patched in the late...

Discourse 信息泄露漏洞

Discourse is an open source community discussion platform. The platform includes features such as communities, email and chat rooms. Discourse suffers from a security vulnerability that stems from private tags being displayed in metadata...