2 matches found
CVE-2024-45051 Bypass of email address validation via encoded email addresses in Discourse
Discourse is an open source platform for community discussion. A maliciously crafted email address could allow an attacker to bypass domain-based restrictions and gain access to private sites, categories and/or groups. This issue has been patched in the latest stable, beta and tests-passed versio...
PT-2024-31403 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions prior to the latest stable, beta and tests-passed version Description: A maliciously crafted email address could allow an attacker to bypass domain-based restrictions and gain access to private sites, categories, and/or...