2 matches found
CVE-2022-31095 Exposure of Sensitive Information in discourse-chat
discourse-chat is a chat plugin for the Discourse application. Versions prior to 0.4 are vulnerable to an exposure of sensitive information, where an attacker who knows the message ID for a channel they do not have access to can view that message using the chat message lookup endpoint, primarily...
CVE-2022-31095
The CVE-2022-31095 affects the discourse-chat plugin for Discourse. Versions prior to 0.4 allow an attacker who knows a channel message ID to view that message via the chat message lookup endpoint, primarily impacting direct message channels. There are no known workarounds; remediation is to upda...