Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:23 p.m.8 views

CVE-2022-21684

Discourse is an open source discussion platform. Versions prior to 2.7.13 in stable, 2.8.0.beta11 in beta, and 2.8.0.beta11 in tests-passed allow some users to log in to a community before they should be able to do so. A user invited via email to a forum with mustapproveusers enabled is going to ...

8.8CVSS6.5AI score0.00964EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/01/13 9:5 p.m.40 views

CVE-2022-21684 User can bypass approval when invited to Discourse

Discourse is an open source discussion platform. Versions prior to 2.7.13 in stable, 2.8.0.beta11 in beta, and 2.8.0.beta11 in tests-passed allow some users to log in to a community before they should be able to do so. A user invited via email to a forum with mustapproveusers enabled is going to ...

4.3CVSS8.6AI score0.00964EPSS
Exploits0References3
CVE
CVE
added 2022/01/13 9:5 p.m.85 views

CVE-2022-21684

Discourse (open source platform) contains a login-bypass vulnerability for invited users when must_approve_users is enabled. Affected versions: prior to 2.7.13 (stable) and 2.8.0.beta11 (beta/tests-passed) allow invited users to log in automatically and perform actions of approved users; after lo...

8.8CVSS6AI score0.00964EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2022/01/11 12:0 a.m.22 views

Discourse < 2.7.13 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...

8.8CVSS5.3AI score0.01174EPSS
Exploits0References4
Rows per page
Query Builder