Lucene search
K

7 matches found

OSV
OSV
added 2024/10/11 10:51 a.m.10 views

BIT-DISCOURSE-2024-45051 Bypass of email address validation via encoded email addresses in Discourse

Discourse is an open source platform for community discussion. A maliciously crafted email address could allow an attacker to bypass domain-based restrictions and gain access to private sites, categories and/or groups. This issue has been patched in the latest stable, beta and tests-passed versio...

8.2CVSS8.2AI score0.00366EPSS
Exploits0References2
NVD
NVD
added 2024/10/07 9:15 p.m.19 views

CVE-2024-45051

Discourse is an open source platform for community discussion. A maliciously crafted email address could allow an attacker to bypass domain-based restrictions and gain access to private sites, categories and/or groups. This issue has been patched in the latest stable, beta and tests-passed versio...

8.2CVSS0.00366EPSS
Exploits0References1
OSV
OSV
added 2024/10/07 8:23 p.m.13 views

CVE-2024-45051 Bypass of email address validation via encoded email addresses in Discourse

Discourse is an open source platform for community discussion. A maliciously crafted email address could allow an attacker to bypass domain-based restrictions and gain access to private sites, categories and/or groups. This issue has been patched in the latest stable, beta and tests-passed versio...

8.2CVSS6.7AI score0.00366EPSS
Exploits0References3
CVE
CVE
added 2024/10/07 8:23 p.m.60 views

CVE-2024-45051

CVE-2024-45051 affects Discourse: a vulnerability that lets an attacker bypass domain-based restrictions by using a maliciously crafted (encoded) email address, enabling access to private sites, categories and groups. Connected sources confirm this is a Discourse authorization bypass tied to how ...

8.2CVSS8.2AI score0.00366EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/07 8:23 p.m.22 views

CVE-2024-45051 Bypass of email address validation via encoded email addresses in Discourse

Discourse is an open source platform for community discussion. A maliciously crafted email address could allow an attacker to bypass domain-based restrictions and gain access to private sites, categories and/or groups. This issue has been patched in the latest stable, beta and tests-passed versio...

8.2CVSS7.3AI score0.00366EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/07 8:23 p.m.17 views

CVE-2024-45051 Bypass of email address validation via encoded email addresses in Discourse

Discourse is an open source platform for community discussion. A maliciously crafted email address could allow an attacker to bypass domain-based restrictions and gain access to private sites, categories and/or groups. This issue has been patched in the latest stable, beta and tests-passed versio...

8.2CVSS0.00366EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/04/30 12:0 a.m.30 views

GitLab < 16.9.6 / 16.10 < 16.10.4 / 16.11 < 16.11.1 (CVE-2024-1347)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. Under certain...

5.3CVSS5.2AI score0.00469EPSS
Exploits0References4
Rows per page
Query Builder