5 matches found
BIT-DISCOURSE-2026-27021 Discourse: Poll voters endpoint lacked post visibility checks
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoint in the poll plugin lacked post visibility checks which allowed unauthorized access to voters details of polls in any post. Versions 2025.12.2, 2026.1.1, and 2026.2.0 patch the...
CVE-2026-27021 Discourse: Poll voters endpoint lacked post visibility checks
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoint in the poll plugin lacked post visibility checks which allowed unauthorized access to voters details of polls in any post. Versions 2025.12.2, 2026.1.1, and 2026.2.0 patch the...
CVE-2026-27021 Discourse: Poll voters endpoint lacked post visibility checks
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoint in the poll plugin lacked post visibility checks which allowed unauthorized access to voters details of polls in any post. Versions 2025.12.2, 2026.1.1, and 2026.2.0 patch the...
CVE-2026-27021 Discourse: Poll voters endpoint lacked post visibility checks
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoint in the poll plugin lacked post visibility checks which allowed unauthorized access to voters details of polls in any post. Versions 2025.12.2, 2026.1.1, and 2026.2.0 patch the...
CVE-2026-27021
Summary of CVE-2026-27021 (Discourse) : The vulnerability affects the poll voters endpoint, where lack of post visibility checks allowed unauthorized access to voters’ details for polls in any post. Affected versions include 2025.12.2, 2026.1.1, and 2026.2.0. The issue is addressed in these versi...