50 matches found
BIT-DISCOURSE-2026-33415 Discourse: Improper Access Control in discourse-ai Allows Unauthorized Category Content Exposure
Discourse is an open-source discussion platform. From versions 2026.1.0 to before 2026.1.3, and 2026.2.0 to before 2026.2.2, an authenticated moderator-level user could retrieve post content, topic titles, and usernames from categories they were not authorized to view. Insufficient access control...
CVE-2026-33415
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authenticated moderator-level user could retrieve post content, topic titles, and usernames from categories they were n...
CVE-2026-33415
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authenticated moderator-level user could retrieve post content, topic titles, and usernames from categories they were n...
CVE-2026-33415 Discourse: Improper Access Control in discourse-ai Allows Unauthorized Category Content Exposure
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authenticated moderator-level user could retrieve post content, topic titles, and usernames from categories they were n...
CVE-2026-33415 Discourse: Improper Access Control in discourse-ai Allows Unauthorized Category Content Exposure
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authenticated moderator-level user could retrieve post content, topic titles, and usernames from categories they were n...
CVE-2026-33415 Discourse: Improper Access Control in discourse-ai Allows Unauthorized Category Content Exposure
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authenticated moderator-level user could retrieve post content, topic titles, and usernames from categories they were n...
CVE-2026-33415
CVE-2026-33415 affects Discourse before fixed versions: 2026.1.3, 2026.2.2, and 2026.3.0. An authenticated moderator-level user could bypass category permissions via an insufficiently protected sentiment analytics endpoint, enabling retrieval of post contents, topic titles, and usernames from cat...
EUVD-2026-17574
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authenticated moderator-level user could retrieve post content, topic titles, and usernames from categories they were n...
CVE-2026-33415
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authenticated moderator-level user could retrieve post content, topic titles, and usernames from categories they were n...
PT-2026-29319
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authenticated moderator-level user could retrieve post content, topic titles, and usernames from categories they were n...
Reddit’s new AI-powered tools scan your posts to serve you better ads
Reddit has introduced two Artificial Intelligence AI tools which will use Reddit comments, posts, and conversations to help sellers make the most of the community. Reddit is a social media platform and online forum where users can share and discuss content across a wide range of topics. The...
CVE-2024-10163
A vulnerability was found in SourceCodester Sentiment Based Movie Rating System 1.0. It has been classified as critical. Affected is an unknown function of the file /msrps/moviedetails.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. T...
Yet Another Diminishing Spark: Low-Level Cyberattacks in the Israel-Gaza Conflict
We report empirical evidence of web defacement and DDoS attacks carried out by low-level cybercrime actors in the Israel-Gaza conflict. Our quantitative measurements indicate an immediate increase in such cyberattacks following the Hamas-led assault and the subsequent declaration of war. However,...
UK Finfluencers: Exploring Content, Reach, and Responsibility
The rise of social media financial influencers finfluencers has significantly transformed the personal finance landscape, making financial advice and insights more accessible to a broader and younger audience. By leveraging digital platforms, these influencers have contributed to the...
Bitcoin'S Edge: Embedded Sentiment in Blockchain Transactional Data
Cryptocurrency blockchains, beyond their primary role as distributed payment systems, are increasingly used to store and share arbitrary content, such as text messages and files. Although often non-financial, this hidden content can impact price movements by conveying private information, shaping...
CVE-2024-52675
SourceCodester Sentiment Based Movie Rating System 1.0 is vulnerable to SQL Injection in /msrps/movies.php...
CVE-2024-52675
SourceCodester Sentiment Based Movie Rating System 1.0 is vulnerable to SQL Injection in /msrps/movies.php...
CVE-2024-52675
SourceCodester Sentiment Based Movie Rating System 1.0 is affected by a SQL Injection in the /msrps/movies.php endpoint (CVE-2024-52675). The vulnerability is documented with a CVSSv3.1 base score of 9.8 (CRITICAL): Network attack vector, no user interaction, with high impact on confidentiality, ...
SourceCodester Sentiment Based Movie Rating System 安全漏洞
SourceCodester Sentiment Based Movie Rating System is an open source movie rating system from SourceCodester. A security vulnerability exists in SourceCodester Sentiment Based Movie Rating System version 1.0, which stems from vulnerability to SQL injection attacks...
CVE-2024-10163
A vulnerability was found in SourceCodester Sentiment Based Movie Rating System 1.0. It has been classified as critical. Affected is an unknown function of the file /msrps/moviedetails.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. T...