CVE-2022-31060 – Banner topic data is exposed on login-required Discourse sites
https://notcve.org/view.php?id=CVE-2022-31060
Discourse is an open-source discussion platform. Prior to version 2.8.4 in the `stable` branch and version `2.9.0.beta5` in the `beta` and `tests-passed` branches, banner topic data is exposed on login-required sites. This issue is patched in version 2.8.4 in the `stable` branch and version `2.9.0.beta5` in the `beta` and `tests-passed` branches of Discourse. As a workaround, one may disable banners. Discourse es una plataforma de discusión de código abierto. • https://github.com/discourse/discourse/commit/ae6a9079436fb9b20fd051d25fb6d8027f0ec59a https://github.com/discourse/discourse/pull/17071 https://github.com/discourse/discourse/security/advisories/GHSA-5f4f-35fx-gqhq • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2022-31025 – Invite bypasses user approval in Discourse
https://notcve.org/view.php?id=CVE-2022-31025
Discourse is an open source platform for community discussion. Prior to version 2.8.4 on the `stable` branch and 2.9.0beta5 on the `beta` and `tests-passed` branches, inviting users on sites that use single sign-on could bypass the `must_approve_users` check and invites by staff are always approved automatically. The issue is patched in Discourse version 2.8.4 on the `stable` branch and version `2.9.0.beta5` on the `beta` and `tests-passed` branches. As a workaround, disable invites or increase `min_trust_level_to_allow_invite` to reduce the attack surface to more trusted users. Discourse es una plataforma de código abierto para el debate comunitario. • https://github.com/discourse/discourse/commit/0fa0094531efc82d9371f90a02aa804b176d59cf https://github.com/discourse/discourse/commit/7c4e2d33fa4b922354c177ffc880a2f2701a91f9 https://github.com/discourse/discourse/pull/16974 https://github.com/discourse/discourse/pull/16984 https://github.com/discourse/discourse/security/advisories/GHSA-x7jh-mx5q-6f9q • CWE-285: Improper Authorization •
CVE-2022-24850 – Category group permissions leaked in Discourse
https://notcve.org/view.php?id=CVE-2022-24850
Discourse is an open source platform for community discussion. A category's group permissions settings can be viewed by anyone that has access to the category. As a result, a normal user is able to see whether a group has read/write permissions in the category even though the information should only be available to the users that can manage a category. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. There are no workarounds for this problem. • https://github.com/discourse/discourse/security/advisories/GHSA-34xr-ff4w-mcpf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2022-24824 – Anonymous user cache poisoning in discourse
https://notcve.org/view.php?id=CVE-2022-24824
Discourse is an open source platform for community discussion. In affected versions an attacker can poison the cache for anonymous (i.e. not logged in) users, such that the users are shown the crawler view of the site instead of the HTML page. This can lead to a partial denial-of-service. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. There are no known workarounds for this issue. • https://github.com/discourse/discourse/commit/b72b0dac10493d09f4f9eb8f3c3ce7817295e34e https://github.com/discourse/discourse/security/advisories/GHSA-46v9-3jc4-f53w • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVE-2022-24804 – Private group name exposure in discourse
https://notcve.org/view.php?id=CVE-2022-24804
Discourse is an open source platform for community discussion. In stable versions prior to 2.8.3 and beta versions prior 2.9.0.beta4 erroneously expose groups. When a group with restricted visibility has been used to set the permissions of a category, the name of the group is leaked to any user that is able to see the category. To workaround the problem, a site administrator can remove groups with restricted visibility from any category's permissions setting. Discourse es una plataforma de código abierto para el debate comunitario. • https://github.com/discourse/discourse/commit/0f7b9878ff3207ce20970f0517604793920bb3d2 https://github.com/discourse/discourse/security/advisories/GHSA-v4c9-6m9g-37ff • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-276: Incorrect Default Permissions •