6 matches found
EUVD-2023-29136
Malicious code in bioql PyPI...
CVE-2023-25169
CVE-2023-25169 affects the Discourse Yearly Review plugin. In affected versions, a user appearing in a yearly review topic that is later anonymised may still have data linked to the original account. The issue has been patched in commit b3ab33bbf7 and is included in the latest plugin version. Mit...
CVE-2023-25169 Yearly Review Plugin leaking anonymised users data in discourse-yearly-review
discourse-yearly-review is a discourse plugin which publishes an automated Year in Review topic. In affected versions a user present in a yearly review topic that is then anonymised will still have some data linked to its original account. This issue has been patched in commit b3ab33bbf7 which is...
CVE-2023-25169 Yearly Review Plugin leaking anonymised users data in discourse-yearly-review
discourse-yearly-review is a discourse plugin which publishes an automated Year in Review topic. In affected versions a user present in a yearly review topic that is then anonymised will still have some data linked to its original account. This issue has been patched in commit b3ab33bbf7 which is...
PT-2023-19954 · Discourse · Discourse Yearly Review Plugin
Name of the Vulnerable Software and Affected Versions: Discourse Yearly Review plugin affected versions not specified Description: The Discourse Yearly Review plugin has an issue where a user present in a yearly review topic that is then anonymized will still have some data linked to its original...
Discourse 信息泄露漏洞
Discourse is an open source community discussion platform. The platform includes features such as communities, email, and chat rooms. An information disclosure vulnerability exists in Discourse discourse-yearly-review, which stems from the fact that users appearing in yearly review threads are...