CVE-2024-24755
The CVE-2024-24755 entry concerns the Discourse plugin discourse-group-membership-ip-block. The connected sources describe a information-disclosure vulnerability where the plugin sends all group custom fields to the client, including fields from other plugins that are expected to remain secret. A...