Lucene search
+L

4 matches found

OSV
OSV
added 2026/06/16 12:37 p.m.6 views

BIT-DISCOURSE-2026-44783 Discourse: Replying to a whisper lets non-whisperers create staff-only whisper posts

Discourse is an open-source discussion platform. From versions 2026.1.0 to before 2026.1.4, 2026.3.0 to before 2026.3.1, and 2026.4.0 to before 2026.4.1, a flaw in how replies to whisper posts are handled allows authenticated users outside the groups configured in whispersallowedgroups to post in...

5.4CVSS5.3AI score0.00148EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/12 8:23 p.m.32 views

CVE-2026-44783 Discourse: Replying to a whisper lets non-whisperers create staff-only whisper posts

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, a flaw in how replies to whisper posts are handled allows authenticated users outside the groups configured in...

5.4CVSS0.00148EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 8:23 p.m.27 views

CVE-2026-44783

Product/Component : Discourse (open-source discussion platform). Issue : A flaw in how replies to whispers is handled allows authenticated users outside the groups configured in whispers_allowed_groups to post into a topic’s staff-only whisper channel. The injected content is visible to whisperer...

5.4CVSS5.3AI score0.00148EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/12 8:23 p.m.9 views

CVE-2026-44783 Discourse: Replying to a whisper lets non-whisperers create staff-only whisper posts

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, a flaw in how replies to whisper posts are handled allows authenticated users outside the groups configured in...

5.4CVSS5.3AI score0.00148EPSS
Exploits0References1
Rows per page
Query Builder