Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/04/01 11:0 p.m.4 views

CVE-2026-32615

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, category group moderators could perform privileged actions on topics inside private categories they did not have read acce...

5.4CVSS5.8AI score0.00153EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/31 5:40 p.m.31 views

CVE-2026-32615 Discourse: Category group moderators can perform actions on topics in restricted categories without read access

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, category group moderators could perform privileged actions on topics inside private categories they did not have read acce...

5.3CVSS0.00153EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/31 5:40 p.m.5 views

CVE-2026-32615

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, category group moderators could perform privileged actions on topics inside private categories they did not have read acce...

5.3CVSS5.8AI score0.00153EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.7 views

Discourse 授权问题漏洞

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an authorization issue vulnerability that stems from a category group moderator being able to perform privileged...

5.4CVSS5.8AI score0.00153EPSS
Exploits0References3
OSV
OSV
added 2026/03/03 1:29 p.m.2 views

BIT-DISCOURSE-2026-26973 Discourse doesn't scope reviewable notes to user-visible reviewables

Discourse is an open source discussion platform. Versions prior to 2025.12.2, 2026.1.1, and 2026.2.0 have an IDOR Insecure Direct Object Reference in ReviewableNotesController. When enablecategorygroupmoderation is enabled, a user belonging to a category moderation group can create or delete thei...

4.3CVSS5.9AI score0.00152EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/26 7:19 p.m.23 views

CVE-2026-26973 Discourse doesn't scope reviewable notes to user-visible reviewables

Discourse is an open source discussion platform. Versions prior to 2025.12.2, 2026.1.1, and 2026.2.0 have an IDOR Insecure Direct Object Reference in ReviewableNotesController. When enablecategorygroupmoderation is enabled, a user belonging to a category moderation group can create or delete thei...

4.3CVSS0.00152EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/26 7:19 p.m.6 views

EUVD-2026-8878

Discourse is an open source discussion platform. Versions prior to 2025.12.2, 2026.1.1, and 2026.2.0 have an IDOR Insecure Direct Object Reference in ReviewableNotesController. When enablecategorygroupmoderation is enabled, a user belonging to a category moderation group can create or delete thei...

4.3CVSS5.3AI score0.00152EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/26 7:19 p.m.2 views

CVE-2026-26973

Discourse is an open source discussion platform. Versions prior to 2025.12.2, 2026.1.1, and 2026.2.0 have an IDOR Insecure Direct Object Reference in ReviewableNotesController. When enablecategorygroupmoderation is enabled, a user belonging to a category moderation group can create or delete thei...

4.3CVSS5.7AI score0.00152EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/02/26 7:19 p.m.3 views

CVE-2026-26973 Discourse doesn't scope reviewable notes to user-visible reviewables

Discourse is an open source discussion platform. Versions prior to 2025.12.2, 2026.1.1, and 2026.2.0 have an IDOR Insecure Direct Object Reference in ReviewableNotesController. When enablecategorygroupmoderation is enabled, a user belonging to a category moderation group can create or delete thei...

4.3CVSS5.9AI score0.00152EPSS
Exploits0References3
OSV
OSV
added 2024/03/06 11:6 a.m.25 views

BIT-DISCOURSE-2022-24850 Category group permissions leaked in Discourse

Discourse is an open source platform for community discussion. A category's group permissions settings can be viewed by anyone that has access to the category. As a result, a normal user is able to see whether a group has read/write permissions in the category even though the information should...

5.3CVSS4.8AI score0.0063EPSS
Exploits0References2
Rows per page
Query Builder