Lucene search
+L

5 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/09 10:8 p.m.8 views

CVE-2026-45780

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, EventSerializer could expose invited group names, sample invitees, and attendance statistics to users who could view the topic but were not entitled to view the private event invitee list. This...

5.3CVSS5.9AI score0.00364EPSS
Exploits0References10Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 7:29 a.m.10 views

CVE-2024-24817

Discourse Calendar adds the ability to create a dynamic calendar in the first post of a topic on the open-source discussion platform Discourse. Prior to version 0.4, event invitees created in topics in private categories or PMs private messages can be retrieved by anyone, even if they're not logg...

5.3CVSS6.6AI score0.00419EPSS
Exploits0References1
NVD
NVD
added 2024/02/22 6:15 p.m.16 views

CVE-2024-24817

Discourse Calendar adds the ability to create a dynamic calendar in the first post of a topic on the open-source discussion platform Discourse. Prior to version 0.4, event invitees created in topics in private categories or PMs private messages can be retrieved by anyone, even if they're not logg...

5.3CVSS4.5AI score0.00419EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/22 5:45 p.m.16 views

CVE-2024-24817 User can see invitees in events created in PMs and private categories

Discourse Calendar adds the ability to create a dynamic calendar in the first post of a topic on the open-source discussion platform Discourse. Prior to version 0.4, event invitees created in topics in private categories or PMs private messages can be retrieved by anyone, even if they're not logg...

4.3CVSS6.6AI score0.00419EPSS
Exploits0References2
CVE
CVE
added 2024/02/22 5:45 p.m.111 views

CVE-2024-24817

CVE-2024-24817 concerns the Discourse Calendar plugin. Prior to version 0.4, event invitees created in topics in private categories or private messages could be retrieved by anyone, even when not logged in. The issue is resolved in version 0.4 of the discourse-calendar plugin. Some partial mitiga...

5.3CVSS4.4AI score0.00419EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder