3 matches found
Privilege Escalation
matrix-synapse is vulnerable to privilege escalation. Any unauthorized user who knows Room ID of a private room can disclose a private room's name, avatar, topic, and number of members through Group/Community features...
Discourse has unspecified vulnerabilities
Discourse is an open source community discussion platform. The platform includes features such as community, email and chat rooms. A security vulnerability exists in versions of Discourse prior to 2.7.7, which can be exploited by an attacker to cause the post creator of a whispered post to be...
Movable Type vulnerable to session hijacking
Overview Movable Type contains a session hijacking vulnerability. Movable Type contains a session hijacking vulnerability in entering comments and community functionality. Impact A remote unauthenticated attacker may impersonate an honest user of the affected product. Solution Update the software...