Lucene search
K

5 matches found

redhatcve
redhatcve
added 2025/02/08 4:39 a.m.20 views

CVE-2025-22601

Discourse is an open source platform for community discussion. In affected versions an attacker can trick a target user to make changes to their own username via carefully crafted link using the activate-account route. This problem has been patched in the latest version of Discourse. Users are...

3.1CVSS6.6AI score0.00357EPSS
Exploits0References1
nvd
nvd
added 2025/02/04 9:15 p.m.32 views

CVE-2025-22601

Discourse is an open source platform for community discussion. In affected versions an attacker can trick a target user to make changes to their own username via carefully crafted link using the activate-account route. This problem has been patched in the latest version of Discourse. Users are...

3.1CVSS0.00357EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/02/04 8:53 p.m.14 views

CVE-2025-22601 Client Side Path Traversal using activate account route in Discourse

Discourse is an open source platform for community discussion. In affected versions an attacker can trick a target user to make changes to their own username via carefully crafted link using the activate-account route. This problem has been patched in the latest version of Discourse. Users are...

3.1CVSS4.8AI score0.00357EPSS
Exploits0References1
cve
cve
added 2025/02/04 8:53 p.m.73 views

CVE-2025-22601

CVE-2025-22601 affects Discourse via the activate-account route; a crafted link could cause a target user to modify their own username. The issue is tied to a client-side path traversal in affected Discourse releases. According to sources, the vulnerability has been patched in the latest Discours...

3.1CVSS3.9AI score0.00357EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2025/02/04 8:53 p.m.34 views

CVE-2025-22601 Client Side Path Traversal using activate account route in Discourse

Discourse is an open source platform for community discussion. In affected versions an attacker can trick a target user to make changes to their own username via carefully crafted link using the activate-account route. This problem has been patched in the latest version of Discourse. Users are...

3.1CVSS0.00357EPSS
Exploits0References1
Rows per page
Query Builder