Lucene search
K

9 matches found

OpenVAS
OpenVAS
added 2023/01/06 12:0 a.m.15 views

Discourse 2.9.0.beta14 Information Disclosure Vulnerability (GHSA-q9jp-xv4g-328f)

Discourse is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.5CVSS5.3AI score0.0028EPSS
Exploits0References1
NVD
NVD
added 2023/01/05 7:15 p.m.27 views

CVE-2022-23546

In version 2.9.0.beta14 of Discourse, an open-source discussion platform, maliciously embedded urls can leak an admin's digest of recent topics, possibly exposing private information. A patch is available for version 2.9.0.beta15. There are no known workarounds for this issue...

5.5CVSS5.6AI score0.0028EPSS
Exploits0References2
CVE
CVE
added 2023/01/05 6:10 p.m.73 views

CVE-2022-23546

Discourse 2.9.0.beta14 contains an information disclosure vulnerability where maliciously embedded URLs can leak an admin’s digest of recent topics. The issue stems from how topic digests are assembled for emails/digests, leading to leakage of private information to unintended recipients. A patch...

5.5CVSS5.6AI score0.0028EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/01/05 6:10 p.m.25 views

CVE-2022-23546 Discourse vulnerable to private topic leak via email#send_digest

In version 2.9.0.beta14 of Discourse, an open-source discussion platform, maliciously embedded urls can leak an admin's digest of recent topics, possibly exposing private information. A patch is available for version 2.9.0.beta15. There are no known workarounds for this issue...

5.5CVSS5.5AI score0.0028EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/12/02 12:0 a.m.17 views

Discourse < 2.9.0.beta14 Information Disclosure Vulnerability

Discourse is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS4.4AI score0.00524EPSS
Exploits0References1
NVD
NVD
added 2022/11/29 6:15 p.m.16 views

CVE-2022-46150

Discourse is an open-source discussion platform. Prior to version 2.8.13 of the stable branch and version 2.9.0.beta14 of the beta and tests-passed branches, unauthorized users may learn of the existence of hidden tags and that they have been applied to topics that they have access to. This issue...

4.3CVSS0.00524EPSS
Exploits0References2
Prion
Prion
added 2022/11/29 6:15 p.m.23 views

Code injection

Discourse is an open-source discussion platform. Prior to version 2.8.13 of the stable branch and version 2.9.0.beta14 of the beta and tests-passed branches, unauthorized users may learn of the existence of hidden tags and that they have been applied to topics that they have access to. This issue...

4CVSS4.6AI score0.00524EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/11/29 12:0 a.m.18 views

CVE-2022-46150 Discourse may allow exposure of hidden tags in the subject of notification emails

Discourse is an open-source discussion platform. Prior to version 2.8.13 of the stable branch and version 2.9.0.beta14 of the beta and tests-passed branches, unauthorized users may learn of the existence of hidden tags and that they have been applied to topics that they have access to. This issue...

4.3CVSS4.8AI score0.00524EPSS
Exploits0References2
OSV
OSV
added 2022/11/29 12:0 a.m.19 views

CVE-2022-46150 Discourse may allow exposure of hidden tags in the subject of notification emails

Discourse is an open-source discussion platform. Prior to version 2.8.13 of the stable branch and version 2.9.0.beta14 of the beta and tests-passed branches, unauthorized users may learn of the existence of hidden tags and that they have been applied to topics that they have access to. This issue...

4.3CVSS4.5AI score0.00524EPSS
Exploits0References4
Rows per page
Query Builder