HomePentest-Tools.com Logo

Discourse < 2.8.12 Information Disclosure Vulnerability CVE-2022-41944

Severity
CVSSv3 Score
4.3
Vulnerability description

Discourse is prone to an information disclosure vulnerability.

Risk description

Under certain conditions, a user can see notifications for topics they no longer have access to. If there is sensitive information in the topic title, it will therefore have been exposed.

Recommendation

Update to version 2.8.12 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Nov 28, 2022
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available