Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:22 a.m.8 views

CVE-2022-21677

Discourse is an open source discussion platform. Discourse groups can be configured with varying visibility levels for the group as well as the group members. By default, a newly created group has its visibility set to public and the group's members visibility set to public as well. However, a...

5.3CVSS6.6AI score0.01174EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/01/14 4:45 p.m.35 views

CVE-2022-21677 Group advanced search option may leak group and group's members visibility

Discourse is an open source discussion platform. Discourse groups can be configured with varying visibility levels for the group as well as the group members. By default, a newly created group has its visibility set to public and the group's members visibility set to public as well. However, a...

4.3CVSS6.3AI score0.01174EPSS
Exploits0References2
CVE
CVE
added 2022/01/14 4:45 p.m.95 views

CVE-2022-21677

CVE-2022-21677 affects Discourse prior to versions 2.7.13 and 2.8.0.beta11, where the group advanced search option could reveal restricted group visibility or members visibility. The root cause is that search did not respect the configured visibility levels. The issue results in information discl...

5.3CVSS4.6AI score0.01174EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2022/01/11 12:0 a.m.22 views

Discourse < 2.7.13 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...

8.8CVSS5.3AI score0.01174EPSS
Exploits0References4
Rows per page
Query Builder