5 matches found
CVE-2022-21678
Discourse is an open source discussion platform. Prior to version 2.8.0.beta11 in the tests-passed branch, version 2.8.0.beta11 in the beta branch, and version 2.7.13 in the stable branch, the bios of users who made their profiles private were still visible in the tags on their users' pages. The...
CVE-2022-21678 User's bio visible even if profile is restricted in Discourse
Discourse is an open source discussion platform. Prior to version 2.8.0.beta11 in the tests-passed branch, version 2.8.0.beta11 in the beta branch, and version 2.7.13 in the stable branch, the bios of users who made their profiles private were still visible in the tags on their users' pages. The...
CVE-2022-21678
Discourse suffers an information disclosure vulnerability: before specific patch levels, bios (or profile bios) of users with private profiles were exposed in the page meta data, exposing private user information. Affected software: Discourse. Affected versions include prior to 2.8.0.beta11 in th...
CVE-2022-21678 User's bio visible even if profile is restricted in Discourse
Discourse is an open source discussion platform. Prior to version 2.8.0.beta11 in the tests-passed branch, version 2.8.0.beta11 in the beta branch, and version 2.7.13 in the stable branch, the bios of users who made their profiles private were still visible in the tags on their users' pages. The...
Discourse < 2.7.13 Multiple Vulnerabilities
Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...