Lucene search
+L

4 matches found

Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.248 views

Discourse 3.1.1 - Unauthenticated Chat Message Access

!/usr/bin/env ruby Title : Discourse 3.1.1 - Unauthenticated Chat Message Access CVE-2023-45131 CVSS: 7.5 High Affected: Discourse 3.1.1 stable, 3.2.0.beta2 Author ibrahimsql @ https://twitter.com/ibrahmsql Date: 2023-12-14 require 'net/http' require 'uri' require 'json' require 'openssl' require...

7.5CVSS7.4AI score0.01814EPSS
Exploits2
OpenVAS
OpenVAS
added 2023/10/23 12:0 a.m.18 views

Discourse 3.1.x <= 3.1.1, 3.2.0.beta1 Unauthorized Access Vulnerability

Discourse is prone to an unauthorized access vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse";...

7.5CVSS7.5AI score0.01814EPSS
Exploits2References2
NVD
NVD
added 2023/10/16 10:15 p.m.16 views

CVE-2023-45131

Discourse is an open source platform for community discussion. New chat messages can be read by making an unauthenticated POST request to MessageBus. This issue is patched in the 3.1.1 stable and 3.2.0.beta2 versions of Discourse. Users are advised to upgrade. There are no known workarounds for...

7.5CVSS7.4AI score0.01814EPSS
Exploits2References1
CVE
CVE
added 2023/10/16 9:24 p.m.110 views

CVE-2023-45131

CVE-2023-45131 affects Discourse prior to 3.1.1 stable and prior to 3.2.0.beta2. The issue allows reading new chat messages by an unauthenticated POST to the MessageBus endpoint, representing an unauthenticated disclosure of private chat content. Root cause details are not explicitly stated in th...

7.5CVSS7.4AI score0.01814EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder