4 matches found
CVE-2026-30891
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, a user could access another user's private activity due to insufficient authorization checks in the user actions endpoint. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain a pat...
CVE-2026-30891
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, a user could access another user's private activity due to insufficient authorization checks in the user actions endpoint. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain a pat...
CVE-2026-30891
Summary of CVE-2026-30891 : Discourse (open-source discussion platform) is affected in versions prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, where a user could access another user’s private activity due to insufficient authorization checks in the user actions endpoint. The affected release...
PT-2026-26541
Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2026.3.0-latest.1 Discourse versions prior to 2026.2.1 Discourse versions prior to 2026.1.2 Description Discourse is an open-source discussion platform. Insufficient authorization checks in the user actions API...