4 matches found
EUVD-2023-0489
Malicious code in bioql PyPI...
CVE-2023-22489
Flarum is a discussion platform for websites. If the first post of a discussion is permanently deleted but the discussion stays visible, any actor who can view the discussion is able to create a new reply via the REST API, no matter the reply permission or lock status. This includes users that...
CVE-2023-22489 Flarum is missing authorization in discussion replies
Flarum is a discussion platform for websites. If the first post of a discussion is permanently deleted but the discussion stays visible, any actor who can view the discussion is able to create a new reply via the REST API, no matter the reply permission or lock status. This includes users that...
PT-2023-18540 · Flarum · Flarum
Name of the Vulnerable Software and Affected Versions: Flarum versions v1.3.0 through v1.6.3 Description: The issue occurs when the first post of a discussion is permanently deleted, but the discussion remains visible. This allows any actor who can view the discussion to create a new reply via th...