HomePentest-Tools.com Logo

Discourse 2.9.x < 2.9.0.beta7 Multiple Vulnerabilities CVE-2022-31182CVE-2022-31184

Severity
CVSSv3 Score
7.5
Vulnerability description

Discourse is prone to multiple vulnerabilities.

Risk description

The following vulnerabilities exist: - CVE-2022-31182: Cache poisoning via maliciously-formed request - CVE-2022-31184: Email activation route can be abused by spammers

Recommendation

Update to version 2.9.0.beta7 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Aug 1, 2022
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available