PT-2023-14817 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 2.8.14 on the stable branch Discourse versions prior to 3.0.0.beta15 on the beta and tests-passed branches Description: Discourse is an option source discussion platform. When a user requests a password reset link...

Discourse 代码问题漏洞

Discourse is an open source community discussion platform. The platform includes community, email and chat room features. A code issue vulnerability exists in versions prior to Discourse 2.8.14 that stems from when a user requests a password reset linked email and then changes their primary email...

Grindr for iOS Multiple Parameter Handling Email Address Operation Vulnerability

Grindr for iOS is GPS based mobile app. An input validation vulnerability exists in Grindr for iOS that fails to properly filter the email and oldemail parameters, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code that can be used to gain access to...

CVE-2011-2978

Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 does not prevent changes to the confirmation e-mail address aka oldemail field for e-mail change notifications, which makes it easier for remote...