2 matches found
CVE-2026-44780
Summary of CVE-2026-44780 (Discourse) : The flaw arises in the ReviewableQueuedPostSerializer where, for posts arriving via incoming email, payload["raw_email"] was unconditionally included. This allowed category moderation group members in the review queue to access the full inbound email conten...
PT-2026-48978
Name of the Vulnerable Software and Affected Versions Discourse versions 2026.1.0 through 2026.1.3 Discourse versions 2026.3.0 Discourse versions 2026.4.0 Description The ReviewableQueuedPostSerializer unconditionally includes the raw email payload for posts received via incoming email. This allo...