Lucene search
K

109 matches found

OSV
OSV
added 2026/03/03 1:29 p.m.1 views

BIT-DISCOURSE-2026-27021 Discourse: Poll voters endpoint lacked post visibility checks

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoint in the poll plugin lacked post visibility checks which allowed unauthorized access to voters details of polls in any post. Versions 2025.12.2, 2026.1.1, and 2026.2.0 patch the...

6.9CVSS5.9AI score0.0028EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/28 1:55 a.m.7 views

CVE-2026-27021

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoint in the poll plugin lacked post visibility checks which allowed unauthorized access to voters details of polls in any post. Versions 2025.12.2, 2026.1.1, and 2026.2.0 patch the...

6.9CVSS5.9AI score0.0028EPSS
Exploits0References1
NVD
NVD
added 2026/02/26 9:28 p.m.6 views

CVE-2026-27021

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoint in the poll plugin lacked post visibility checks which allowed unauthorized access to voters details of polls in any post. Versions 2025.12.2, 2026.1.1, and 2026.2.0 patch the...

6.9CVSS0.0028EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/26 7:50 p.m.25 views

CVE-2026-27021 Discourse: Poll voters endpoint lacked post visibility checks

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoint in the poll plugin lacked post visibility checks which allowed unauthorized access to voters details of polls in any post. Versions 2025.12.2, 2026.1.1, and 2026.2.0 patch the...

6.9CVSS0.0028EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/26 7:50 p.m.1 views

CVE-2026-27021

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoint in the poll plugin lacked post visibility checks which allowed unauthorized access to voters details of polls in any post. Versions 2025.12.2, 2026.1.1, and 2026.2.0 patch the...

6.9CVSS5.8AI score0.0028EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/26 7:50 p.m.3 views

CVE-2026-27021 Discourse: Poll voters endpoint lacked post visibility checks

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoint in the poll plugin lacked post visibility checks which allowed unauthorized access to voters details of polls in any post. Versions 2025.12.2, 2026.1.1, and 2026.2.0 patch the...

6.9CVSS5.9AI score0.0028EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/26 7:50 p.m.6 views

EUVD-2026-8887

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoint in the poll plugin lacked post visibility checks which allowed unauthorized access to voters details of polls in any post. Versions 2025.12.2, 2026.1.1, and 2026.2.0 patch the...

6.9CVSS5.4AI score0.0028EPSS
Exploits0References1
CVE
CVE
added 2026/02/26 7:50 p.m.16 views

CVE-2026-27021

Summary of CVE-2026-27021 (Discourse) : The vulnerability affects the poll voters endpoint, where lack of post visibility checks allowed unauthorized access to voters’ details for polls in any post. Affected versions include 2025.12.2, 2026.1.1, and 2026.2.0. The issue is addressed in these versi...

6.9CVSS5.4AI score0.0028EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/02/26 7:50 p.m.5 views

CVE-2026-27021 Discourse: Poll voters endpoint lacked post visibility checks

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoint in the poll plugin lacked post visibility checks which allowed unauthorized access to voters details of polls in any post. Versions 2025.12.2, 2026.1.1, and 2026.2.0 patch the...

6.9CVSS5.9AI score0.0028EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.5 views

PT-2026-22183

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2025.12.2 Discourse versions prior to 2026.1.1 Discourse versions prior to 2026.2.0 Description Discourse is an open source discussion platform. Before versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoint...

6.9CVSS5.9AI score0.0028EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/02/26 12:0 a.m.10 views

Discourse 安全漏洞

Discourse is an open-source community discussion platform developed by Discourse. This platform includes features such as communities, email communication, and chat rooms. Versions of Discourse before 2025.12.2, 2026.1.1, and 2026.2.0 contained security vulnerabilities. These vulnerabilities...

6.9CVSS5.8AI score0.0028EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/19 8:18 p.m.4 views

CVE-2025-14889

A security flaw has been discovered in Campcodes Advanced Voting Management System 1.0. The impacted element is an unknown function of the file /admin/votersedit.php of the component Password Handler. Performing a manipulation of the argument ID results in improper authorization. The attack is...

6.3CVSS5.4AI score0.00244EPSS
Exploits1References1
NVD
NVD
added 2025/12/18 8:15 p.m.7 views

CVE-2025-14889

A security flaw has been discovered in Campcodes Advanced Voting Management System 1.0. The impacted element is an unknown function of the file /admin/votersedit.php of the component Password Handler. Performing a manipulation of the argument ID results in improper authorization. The attack is...

6.3CVSS0.00244EPSS
Exploits1References5
OSV
OSV
added 2025/12/18 8:15 p.m.7 views

CVE-2025-14889

A security flaw has been discovered in Campcodes Advanced Voting Management System 1.0. The impacted element is an unknown function of the file /admin/votersedit.php of the component Password Handler. Performing a manipulation of the argument ID results in improper authorization. The attack is...

6.3CVSS5.5AI score0.00244EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2025/12/18 8:2 p.m.4 views

CVE-2025-14889

A security flaw has been discovered in Campcodes Advanced Voting Management System 1.0. The impacted element is an unknown function of the file /admin/votersedit.php of the component Password Handler. Performing a manipulation of the argument ID results in improper authorization. The attack is...

6.3CVSS5.2AI score0.00244EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/18 8:2 p.m.2 views

CVE-2025-14889 Campcodes Advanced Voting Management System Password voters_edit.php improper authorization

A security flaw has been discovered in Campcodes Advanced Voting Management System 1.0. The impacted element is an unknown function of the file /admin/votersedit.php of the component Password Handler. Performing a manipulation of the argument ID results in improper authorization. The attack is...

5.5CVSS5.4AI score0.00244EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/12/18 8:2 p.m.25 views

CVE-2025-14889 Campcodes Advanced Voting Management System Password voters_edit.php improper authorization

A security flaw has been discovered in Campcodes Advanced Voting Management System 1.0. The impacted element is an unknown function of the file /admin/votersedit.php of the component Password Handler. Performing a manipulation of the argument ID results in improper authorization. The attack is...

5.5CVSS0.00244EPSS
Exploits1References5
CVE
CVE
added 2025/12/18 8:2 p.m.11 views

CVE-2025-14889

Campcodes Advanced Voting Management System 1.0 is affected. The vulnerability lies in the Password Handler’s unknown function within /admin/voters_edit.php where manipulating the ID parameter causes improper authorization. The issue is remotely exploitable and the exploit has been publicly relea...

6.3CVSS5.4AI score0.00244EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.9 views

PT-2025-52331

Name of the Vulnerable Software and Affected Versions Campcodes Advanced Voting Management System version 1.0 Description A security flaw exists in Campcodes Advanced Voting Management System. The issue is related to improper authorization resulting from manipulation of the ID argument within an...

6.3CVSS5.2AI score0.00244EPSS
Exploits1References8
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.5 views

Campcodes Advanced Voting Management System 授权问题漏洞

CampCodes Advanced Voting Management System is an advanced voting management system from CampCodes Philippines. An authorization issue vulnerability exists in Campcodes Advanced Voting Management System version 1.0, which stems from improper handling of the parameter ID in the file...

6.3CVSS5.6AI score0.00244EPSS
Exploits1References5
Rows per page
Query Builder