3 matches found
BIT-DISCOURSE-2025-68666 Discourse users archives leaked to users with moderation privileges
Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, users archives are viewable by users with moderation privileges even though moderators should not have access to the archives. Private topic/post content made by the users are leaked...
CVE-2025-68666
Discourse (open source) has a vulnerability where user archives are viewable by users with moderation privileges in versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, leaking private topic/post content and breaching confidentiality. The issue is fixed in those same versions (3.5.4, 2025...
CVE-2025-68666 Discourse users archives leaked to users with moderation privileges
Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, users archives are viewable by users with moderation privileges even though moderators should not have access to the archives. Private topic/post content made by the users are leaked...