Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:47 a.m.8 views

CVE-2022-31025

Discourse is an open source platform for community discussion. Prior to version 2.8.4 on the stable branch and 2.9.0beta5 on the beta and tests-passed branches, inviting users on sites that use single sign-on could bypass the mustapproveusers check and invites by staff are always approved...

5.3CVSS6.7AI score0.00891EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/06/08 12:0 a.m.24 views

Discourse < 2.8.4 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...

6.1CVSS5.5AI score0.01013EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/06/08 12:0 a.m.16 views

Discourse 2.9.x < 2.9.0.beta5 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...

6.1CVSS5.5AI score0.01013EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/06/03 2:35 p.m.10 views

CVE-2022-31025 Invite bypasses user approval in Discourse

Discourse is an open source platform for community discussion. Prior to version 2.8.4 on the stable branch and 2.9.0beta5 on the beta and tests-passed branches, inviting users on sites that use single sign-on could bypass the mustapproveusers check and invites by staff are always approved...

2.6CVSS5.2AI score0.00891EPSS
Exploits0References5
CVE
CVE
added 2022/06/03 2:35 p.m.100 views

CVE-2022-31025

CVE-2022-31025 affects Discourse; prior to versions 2.8.4 (stable) and 2.9.0beta5 (beta/tests-passed) an SSO-based invite could bypass must_approve_users, causing invites by staff to be auto-approved. A fix is available: Discourse 2.8.4 on stable and 2.9.0.beta5 on beta/tests-passed. Workarounds ...

5.3CVSS4.4AI score0.00891EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder