CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1 matches found

CVE•added 2026/03/19 8:39 p.m.•2 views

CVE-2026-27454

Discourse before versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 allowed unauthorized access to hidden post revisions via GET /posts/:id.json?version=X because display_post called post.revert_to without verifying revision visibility or editor permissions. The root cause was missing authorizati...

5.3CVSS5.8AI score0.00054EPSS

Exploits0References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by