2 matches found
CVE-2023-25169 Yearly Review Plugin leaking anonymised users data in discourse-yearly-review
discourse-yearly-review is a discourse plugin which publishes an automated Year in Review topic. In affected versions a user present in a yearly review topic that is then anonymised will still have some data linked to its original account. This issue has been patched in commit b3ab33bbf7 which is...
PT-2023-19954 · Discourse · Discourse Yearly Review Plugin
Name of the Vulnerable Software and Affected Versions: Discourse Yearly Review plugin affected versions not specified Description: The Discourse Yearly Review plugin has an issue where a user present in a yearly review topic that is then anonymized will still have some data linked to its original...