5 matches found
CVE-2025-22601
Discourse is an open source platform for community discussion. In affected versions an attacker can trick a target user to make changes to their own username via carefully crafted link using the activate-account route. This problem has been patched in the latest version of Discourse. Users are...
CVE-2025-22601
Discourse is an open source platform for community discussion. In affected versions an attacker can trick a target user to make changes to their own username via carefully crafted link using the activate-account route. This problem has been patched in the latest version of Discourse. Users are...
CVE-2025-22601 Client Side Path Traversal using activate account route in Discourse
Discourse is an open source platform for community discussion. In affected versions an attacker can trick a target user to make changes to their own username via carefully crafted link using the activate-account route. This problem has been patched in the latest version of Discourse. Users are...
CVE-2025-22601
CVE-2025-22601 affects Discourse via the activate-account route; a crafted link could cause a target user to modify their own username. The issue is tied to a client-side path traversal in affected Discourse releases. According to sources, the vulnerability has been patched in the latest Discours...
CVE-2025-22601 Client Side Path Traversal using activate account route in Discourse
Discourse is an open source platform for community discussion. In affected versions an attacker can trick a target user to make changes to their own username via carefully crafted link using the activate-account route. This problem has been patched in the latest version of Discourse. Users are...