5 matches found
CVE-2025-23023
Discourse is an open source platform for community discussion. In affected versions an attacker can carefully craft a request with the right request headers to poison the anonymous cache for example, the cache may have a response with missing preloaded data. This issue only affects anonymous...
CVE-2025-23023
creationtimestamp| type| source ---|---|--- 2025-02-04 20:51:03+00:00| seen| https://infosec.exchange/users/cve/statuses/113947591485236644 2025-02-04 21:16:17+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhey4jhzvu2i 2025-02-04 22:48:44+00:00| seen|...
CVE-2025-23023 Anonymous cache poisoning via request headers in Discourse
Discourse is an open source platform for community discussion. In affected versions an attacker can carefully craft a request with the right request headers to poison the anonymous cache for example, the cache may have a response with missing preloaded data. This issue only affects anonymous...
CVE-2025-23023 Anonymous cache poisoning via request headers in Discourse
Discourse is an open source platform for community discussion. In affected versions an attacker can carefully craft a request with the right request headers to poison the anonymous cache for example, the cache may have a response with missing preloaded data. This issue only affects anonymous...
CVE-2025-23023
CVE-2025-23023 affects Discourse where an attacker can craft a request with specific headers to poison the anonymous cache, potentially returning incomplete preloaded data for anonymous visitors. Multiple sources confirm the issue, and Red Hat and OSV entries mirror this description. The vendor h...