3 matches found
CVE-2024-52589 Moderators can view Screened emails even when the “moderators view emails” option is disabled in Discourse
Discourse is an open source platform for community discussion. Moderators can see the Screened emails list in the admin dashboard, and through that can learn the email of a user. This problem is patched in the latest version of Discourse. Users unable to upgrade should remove moderator role from...
CVE-2024-52589
Discourse CVE-2024-52589 involves an authorization issue where moderators can view the Screened emails list in the admin dashboard and learn users’ emails. Multiple sources flag this as a vulnerability in Discourse with the fix being applied in the latest versions; where upgrade is not possible, ...
PT-2024-35385 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions prior to the latest version Description: Discourse is an open source platform for community discussion. Moderators can see the Screened emails list in the admin dashboard, and through that can learn the email of a user...