EUVD-2023-49454

Malicious code in bioql PyPI...

CVE-2023-45147 Arbitrary keys can be added to a topic's custom fields by any user in Discourse

Discourse is an open source community platform. In affected versions any user can create a topic and add arbitrary custom fields to a topic. The severity of this vulnerability depends on what plugins are installed and how the plugins uses topic custom fields. For a default Discourse installation...