4 matches found
CVE-2022-46168
Discourse is an option source discussion platform. Prior to version 2.8.14 on the stable branch and version 2.9.0.beta15 on the beta and tests-passed branches, recipients of a group SMTP email could see the email addresses of all other users inside the group SMTP topic. Most of the time this is n...
CVE-2022-46168 Group SMTP user emails are exposed in CC email header
Discourse is an option source discussion platform. Prior to version 2.8.14 on the stable branch and version 2.9.0.beta15 on the beta and tests-passed branches, recipients of a group SMTP email could see the email addresses of all other users inside the group SMTP topic. Most of the time this is n...
CVE-2022-46168
CVE-2022-46168 affects Discourse. Before versions 2.8.14 (stable) and 2.9.0.beta15 (beta/tests-passed), recipients of group SMTP emails could see other users’ email addresses in the group thread. The issue is mitigated by the fixes in 2.8.14 and 2.9.0.beta15, which mask those emails with blind ca...
CVE-2022-46168 Group SMTP user emails are exposed in CC email header
Discourse is an option source discussion platform. Prior to version 2.8.14 on the stable branch and version 2.9.0.beta15 on the beta and tests-passed branches, recipients of a group SMTP email could see the email addresses of all other users inside the group SMTP topic. Most of the time this is n...