4 matches found
Discourse < 3.1.4, 3.2.x < 3.2.0.beta4 Multiple Vulnerabilities
Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...
CVE-2023-49099
creationtimestamp| type| source ---|---|--- 2024-01-12 22:41:46+00:00| seen| https://t.me/ctinow/167569 2024-01-15 08:20:28+00:00| seen| https://t.me/arpsyndicate/2769 2024-02-03 00:51:35+00:00| seen| https://t.me/ctinow/178339...
CVE-2023-49099 Discourse secure uploads accessible to guests even when login is required
Discourse is a platform for community discussion. Under very specific circumstances, secure upload URLs associated with posts can be accessed by guest users even when login is required. This vulnerability has been patched in 3.2.0.beta4 and 3.1.4...
CVE-2023-49099
Discourse has a vulnerability where under very specific circumstances secure upload URLs for posts could be accessed by guest users even when login is required. Affected versions were before patches 3.2.0.beta4 and 3.1.4; patch versions are 3.2.0.beta4 and 3.1.4. Impact involves potential exposur...