HomePentest-Tools.com Logo

Discourse 3.1.x < 3.1.0.beta2 Multiple Vulnerabilities CVE-2023-23622CVE-2023-25172

Severity
CVSSv3 Score
5.4
Vulnerability description

Discourse is prone to multiple vulnerabilities

Risk description

The following vulnerabilities exist: - CVE-2023-23622: Presence of read restricted topics may be leaked if tagged with a tag that is visible to all users - CVE-2023-25172: XSS user name displayed on post

Recommendation

Update to version 3.1.0.beta2 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Mar 17, 2023
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available