Lucene search
K

7 matches found

CNVD
CNVD
added 2026/04/10 12:0 a.m.8 views

Discourse Information Disclosure Vulnerability (CNVD-2026-17256)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an information disclosure vulnerability that can be exploited by attackers to cause moderators to obtain informati...

6.5CVSS5.8AI score0.00234EPSS
Exploits0
OSV
OSV
added 2026/04/07 8:44 a.m.4 views

BIT-DISCOURSE-2026-33300 Discourse: Hidden group names and access metadata are exposed to moderators through the `category-chatables` endpoint

Discourse is an open-source discussion platform. From versions 2026.1.0 to before 2026.1.3, and 2026.2.0 to before 2026.2.2, an authorization bypass in the Category Chatables Controller show action allowed moderators to get information on hidden groups names and user count. This issue has been...

6.5CVSS5.8AI score0.00234EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.10 views

Discourse 信息泄露漏洞

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an information disclosure vulnerability that can be exploited by attackers to cause moderators to obtain informati...

6.5CVSS5.8AI score0.00234EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.8 views

PT-2026-29318

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authorization bypass in the Category Chatables Controller show action allowed moderators to get information on hidden...

5.3CVSS5.8AI score0.00234EPSS
Exploits0References6
Redos
Redos
added 2025/11/25 12:0 a.m.10 views

ROS-20251125-06

A vulnerability in the Moodle virtual learning environment is related to the disclosure of hidden group names to users, who have permission to create events in the calendar. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain unauthorized access to protected...

6.5CVSS6.9AI score0.00246EPSS
Exploits0
OSV
OSV
added 2025/10/23 12:31 p.m.4 views

GHSA-422V-W6C5-VQ42 Moodle exposed the names of hidden groups to users

Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information...

4.3CVSS6.7AI score0.00246EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/23 11:28 a.m.6 views

EUVD-2025-35667

Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information...

4.3CVSS6.2AI score0.00246EPSS
Exploits0References3
Rows per page
Query Builder