4 matches found
CVE-2024-55948
creationtimestamp| type| source ---|---|--- 2025-02-04 21:11:19+00:00| seen| https://infosec.exchange/users/cve/statuses/113947671170575758 2025-02-04 21:16:03+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhey44ijbq27 2025-02-04 22:23:43+00:00| seen|...
CVE-2024-55948 Anonymous cache poisoning via XHR requests in Discourse
Discourse is an open source platform for community discussion. In affected versions an attacker can make craft an XHR request to poison the anonymous cache for example, the cache may have a response with missing preloaded data. This issue only affects anonymous visitors of the site. This problem...
CVE-2024-55948
CVE-2024-55948 describes an anonymous cache poisoning vulnerability in Discourse. In affected versions, an attacker can craft an XHR request to contaminate the anonymous cache, potentially causing a response with missing preloaded data and affecting only anonymous visitors. Mitigation in the prov...
CVE-2024-55948 Anonymous cache poisoning via XHR requests in Discourse
Discourse is an open source platform for community discussion. In affected versions an attacker can make craft an XHR request to poison the anonymous cache for example, the cache may have a response with missing preloaded data. This issue only affects anonymous visitors of the site. This problem...