CVE-2023-22453

Discourse is an option source discussion platform. Prior to version 2.8.14 on the stable branch and version 3.0.0.beta16 on the beta and tests-passed branches, the number of times a user posted in an arbitrary topic is exposed to unauthorized users through the /u/username.json endpoint. The issue...

PT-2023-18509 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 2.8.14 on the stable branch Discourse versions prior to 3.0.0.beta16 on the beta and tests-passed branches Description: The issue exposes the number of times a user posted in an arbitrary topic to unauthorized user...

Discourse 信息泄露漏洞

Discourse is an open source community discussion platform. The platform includes features such as communities, email, and chat rooms. Discourse suffers from an information disclosure vulnerability that stems from the number of times it allows users posted in any thread to be exposed to unauthoriz...