Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2024/02/05 12:0 a.m.15 views

Discourse < 3.1.4, 3.2.x < 3.2.0.beta4 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...

8.6CVSS5.1AI score0.00566EPSS
Exploits0References3
Circl
Circl
added 2024/01/12 10:41 p.m.18 views

CVE-2023-49099

creationtimestamp| type| source ---|---|--- 2024-01-12 22:41:46+00:00| seen| https://t.me/ctinow/167569 2024-01-15 08:20:28+00:00| seen| https://t.me/arpsyndicate/2769 2024-02-03 00:51:35+00:00| seen| https://t.me/ctinow/178339...

4.3CVSS4.6AI score0.00321EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/01/12 8:53 p.m.5 views

CVE-2023-49099 Discourse secure uploads accessible to guests even when login is required

Discourse is a platform for community discussion. Under very specific circumstances, secure upload URLs associated with posts can be accessed by guest users even when login is required. This vulnerability has been patched in 3.2.0.beta4 and 3.1.4...

3.1CVSS7.2AI score0.00321EPSS
Exploits0References2
CVE
CVE
added 2024/01/12 8:53 p.m.53 views

CVE-2023-49099

Discourse has a vulnerability where under very specific circumstances secure upload URLs for posts could be accessed by guest users even when login is required. Affected versions were before patches 3.2.0.beta4 and 3.1.4; patch versions are 3.2.0.beta4 and 3.1.4. Impact involves potential exposur...

4.3CVSS4.9AI score0.00321EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder