2 matches found
CVE-2022-39355 Discourse Patreon vulnerable to improper validation of email during Patreon authentication
Discourse Patreon enables syncronization between Discourse Groups and Patreon rewards. On sites with Patreon login enabled, an improper authentication vulnerability could be used to take control of a victim's forum account. This vulnerability is patched in commit number...
PT-2019-6205 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 12.2 and later Description: The issue is related to improper validation of invited users' email addresses, allowing projects to add members with email address domains that should be blocked by group settings. This can be...