Lucene search
K

5 matches found

OSV
OSV
added 2026/04/08 2:43 p.m.2 views

BIT-DISCOURSE-2026-27481 Discourse: Hidden tag visibility bypass on tag routes

Discourse is an open-source discussion platform. From versions 2026.1.0 to before 2026.1.3, and 2026.2.0 to before 2026.2.2, an authorization bypass vulnerability allows unauthenticated or unauthorized users to view hidden staff-only tags and its associated data. All Discourse instances with...

6.3CVSS5.7AI score0.00229EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/04 10:54 p.m.5 views

CVE-2026-27481

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authorization bypass vulnerability allows unauthenticated or unauthorized users to view hidden staff-only tags and its...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/03 9:27 p.m.4 views

CVE-2026-27481

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authorization bypass vulnerability allows unauthenticated or unauthorized users to view hidden staff-only tags and its...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/04/03 9:27 p.m.15 views

CVE-2026-27481

Discourse (open-source platform) is affected by an authorization bypass affecting hidden staff-only tags. Affects versions 2026.1.0-latest–2026.1.3, 2026.2.0-latest–2026.2.2, and 2026.3.0-latest–2026.3.0. Unauthenticated/unauthorized users could view hidden tags and related data when tagging is e...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.8 views

PT-2026-30241

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authorization bypass vulnerability allows unauthenticated or unauthorized users to view hidden staff-only tags and its...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References3
Rows per page
Query Builder