2 matches found
CVE-2022-31025 Invite bypasses user approval in Discourse
Discourse is an open source platform for community discussion. Prior to version 2.8.4 on the stable branch and 2.9.0beta5 on the beta and tests-passed branches, inviting users on sites that use single sign-on could bypass the mustapproveusers check and invites by staff are always approved...
PT-2022-20469
Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2.8.4 on the stable branch Discourse versions prior to 2.9.0beta5 on the beta and tests-passed branches Description The issue affects Discourse, an open source platform for community discussion. Inviting users on...