CVSS: 5.3 | EPSS: 0% | CPEs: 1 | EXPL: 0

Discourse is an open source platform for community discussion. In affected versions an attacker can learn that secret categories exist when they have backgrounds set. The issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to upgrade. Users unable to upgrade should temporarily remove category backgrounds.

References:
https://github.com/discourse/discourse/commit/b425fbc2a28341a5627928f963519006712c3d39
https://github.com/discourse/discourse/security/advisories/GHSA-c7q7-7f6q-2c23

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 5.3 | EPSS: 0% | CPEs: 1 | EXPL: 0

Discourse is an open source platform for community discussion. In affected versions an attacker can learn that a secret subcategory exists under a public category which has no public subcategories. The issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability.

References:
https://github.com/discourse/discourse/commit/819361ba28f86a1347059af300bb5cca690f9193
https://github.com/discourse/discourse/security/advisories/GHSA-3qh8-xw23-cq4x

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
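Both of the CWE-200 entries above are existence oracles: a response that differs depending on whether a hidden object exists tells an unauthenticated caller that it exists, even though its contents stay protected. The following Ruby is an added illustration, not Discourse's code, and does not reproduce the actual Discourse bug. It assumes a hypothetical category store (`Category`, `CATEGORIES`) and a hypothetical "category background" endpoint; the leaky variant checks an attribute before authorizing, so a secret category with a background produces a 403 while everything else produces a 200, and the hardened variant authorizes first and returns the same 404 for "not found" and "not permitted".

```ruby
# Added example (not Discourse code): an existence oracle and how to close it.
# Hypothetical data: secret categories are visible only to one allowed group.
Category = Struct.new(:id, :name, :secret, :background_url, :allowed_group)

CATEGORIES = [
  Category.new(1, "general",    false, "/uploads/general.png", nil),
  Category.new(2, "staff-only", true,  "/uploads/staff.png",   "staff"),
  Category.new(3, "board",      true,  nil,                    "board"),
].freeze

def lookup_category(id)
  CATEGORIES.find { |c| c.id == id }
end

def can_see?(category, user_groups)
  return true unless category.secret
  user_groups.include?(category.allowed_group)
end

# Leaky version: an anonymous request returns [200, ""] for a missing category
# AND for a secret category without a background, but 403 for a secret
# category that has one. The status alone reveals that id 2 is a secret
# category, which is exactly the kind of signal CWE-200 covers.
def leaky_background_response(id, user_groups)
  cat = lookup_category(id)
  return [200, ""] if cat.nil? || cat.background_url.nil?
  return [403, "forbidden"] unless can_see?(cat, user_groups)
  [200, cat.background_url]
end

# Hardened version: authorize before consulting any attribute, and collapse
# "does not exist" and "not allowed to see" into one indistinguishable answer.
def safe_background_response(id, user_groups)
  cat = lookup_category(id)
  return [404, "not found"] if cat.nil? || !can_see?(cat, user_groups)
  [200, cat.background_url.to_s]
end

# Simulate an attacker probing a range of ids anonymously and recording
# only the status code of each answer.
def probe(handler, ids, user_groups = [])
  ids.map { |id| [id, send(handler, id, user_groups).first] }.to_h
end

if $PROGRAM_NAME == __FILE__
  puts "leaky: #{probe(:leaky_background_response, 1..4).inspect}"
  puts "safe:  #{probe(:safe_background_response, 1..4).inspect}"
end
```

The check to apply when reviewing an endpoint for this class of bug is whether every early return that happens before the authorization decision could differ between "absent" and "hidden"; here the `background_url.nil?` shortcut is the culprit. Note that a real fix must also consider the response body and headers, not just the status code.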

CVSS: 5.3 | EPSS: 0% | CPEs: 1 | EXPL: 0

Discourse is an open source platform for community discussion. In affected versions the POST /uploads endpoint had no rate limit, which made it easier for an attacker to mount a denial-of-service attack against the server, since creating an upload can be a resource-intensive process. Note that the impact varies from site to site: site settings such as `max_image_size_kb`, `max_attachment_size_kb` and `max_image_megapixels` determine how many resources a single upload consumes. The issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to upgrade.

References:
https://github.com/discourse/discourse/commit/003b80e62f97cd8c0114d6b9d3f93c10443e6fae
https://github.com/discourse/discourse/security/advisories/GHSA-58vw-246g-fjj4

CWE-400: Uncontrolled Resource Consumption
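The size settings named above cap how expensive one upload can be; a rate limit caps how many such uploads one caller can trigger per unit time, and the two controls are complementary. The Ruby below is an added example, not Discourse's own `RateLimiter` or its upload controller, and makes no claim about how the referenced commit is implemented. It assumes a hypothetical `RateLimiter` class with a sliding window keyed per user and a hypothetical `handle_upload` that checks the limit before any expensive work; the in-memory `Hash` store and the injectable clock are there so the example runs offline and deterministically.

```ruby
# Added example (not Discourse code): per-user sliding-window rate limit in
# front of an upload handler. Counters live in a process-local Hash here; a
# multi-server deployment would keep them in a shared store such as Redis so
# every app server sees the same count.
class RateLimiter
  class LimitExceeded < StandardError; end

  # max:    requests allowed within any window of `period` seconds
  # clock:  callable returning seconds; injectable for testing
  def initialize(max:, period:, clock: -> { Process.clock_gettime(Process::CLOCK_MONOTONIC) })
    @max = max
    @period = period
    @clock = clock
    @buckets = Hash.new { |h, k| h[k] = [] } # key => timestamps of recent hits
  end

  # Records a hit for `key`, raising if the caller has already used up the
  # window. Expired timestamps are dropped first, giving a sliding window.
  def performed!(key)
    now = @clock.call
    hits = @buckets[key]
    hits.reject! { |ts| ts <= now - @period }
    raise LimitExceeded, "#{key}: more than #{@max} requests in #{@period}s" if hits.size >= @max
    hits << now
    true
  end
end

# Hypothetical upload handler. The limit check runs before the expensive part
# (decoding, resizing, scanning) so that rejected requests cost almost nothing.
def handle_upload(limiter, user_id, payload)
  limiter.performed!("uploads:#{user_id}")
  { status: 200, bytes: payload.bytesize } # expensive processing would go here
rescue RateLimiter::LimitExceeded
  { status: 429, bytes: 0 }
end

# Drive the handler with a fake clock: five uploads by one user within the
# same second, then one more after the window has elapsed.
def simulate(max: 3, period: 60)
  now = 1_000.0
  limiter = RateLimiter.new(max: max, period: period, clock: -> { now })
  statuses = Array.new(5) { handle_upload(limiter, 42, "x" * 1024)[:status] }
  now += period + 1
  statuses << handle_upload(limiter, 42, "x" * 1024)[:status]
end

puts simulate.inspect if $PROGRAM_NAME == __FILE__
```

Two design points matter for the DoS case specifically: the limiter key must identify the caller (user id, falling back to client IP for anonymous uploads if those are permitted), and the check must precede the resource-heavy work, otherwise the attacker still pays nothing while the server pays in full for every request.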

CVSS: 6.3 | EPSS: 0% | CPEs: 6 | EXPL: 0

Discourse is an open-source discussion platform. Improperly sanitized user input could lead to an XSS vulnerability in some situations. This vulnerability only affects Discourse instances which have disabled the default Content Security Policy. The vulnerability is patched in 3.1.5 and 3.2.0.beta5. As a workaround, ensure Content Security Policy is enabled and does not include `unsafe-inline`.

References:
https://github.com/discourse/discourse/commit/568d704a94c528b7c2cb0f3512a7b7b606bc3000
https://github.com/discourse/discourse/security/advisories/GHSA-rj3g-8q6p-63pc
https://meta.discourse.org/t/3-1-5-security-and-bug-fix-release/293094
https://meta.discourse.org/t/3-2-0-beta5-add-groups-to-dms-mobile-chat-footer-redesign-passkeys-enabled-by-default-and-more/293093

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
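The workaround above only holds if the CSP actually served to browsers restricts script execution. The Ruby below is an added example, not Discourse code, that parses a `Content-Security-Policy` header value and reports the conditions under which an injected script would still run: no header at all, no `script-src` (and no `default-src` to fall back on), `'unsafe-inline'`, `'unsafe-eval'`, or a wildcard script source. The finding messages are this example's own wording. One caveat it encodes: per CSP Level 2 and later, browsers ignore `'unsafe-inline'` in a directive that also carries a nonce or hash source, so that combination is flagged separately rather than as a hard failure.

```ruby
# Added example (not Discourse code): audit a Content-Security-Policy header
# value for settings that would let a stored or reflected XSS execute.

# Split "name src src; name src" into { "name" => [src, ...] }.
# Directive names are case-insensitive; sources are kept verbatim because
# nonce values are case-sensitive.
def parse_csp(header)
  header.to_s.split(";").each_with_object({}) do |directive, acc|
    name, *sources = directive.strip.split(/\s+/)
    next if name.nil? || name.empty?
    acc[name.downcase] = sources
  end
end

# script-src governs scripts; if absent, default-src applies instead.
def script_sources(csp)
  csp["script-src"] || csp["default-src"]
end

def csp_findings(header)
  csp = parse_csp(header)
  return ["no Content-Security-Policy header: any injected script executes"] if csp.empty?

  srcs = script_sources(csp)
  return ["neither script-src nor default-src set: scripts unrestricted"] if srcs.nil?

  findings = []
  nonce_or_hash = srcs.any? { |s| s.match?(/\A'(nonce-|sha(256|384|512)-)/i) }

  if srcs.any? { |s| s.casecmp?("'unsafe-inline'") }
    if nonce_or_hash
      findings << "'unsafe-inline' present but ignored by CSP2+ browsers because a nonce/hash is listed; legacy browsers still honour it"
    else
      findings << "'unsafe-inline' allows injected <script> and inline handlers to run"
    end
  end
  findings << "'unsafe-eval' lets injected strings reach eval()" if srcs.any? { |s| s.casecmp?("'unsafe-eval'") }
  findings << "wildcard script source: scripts may load from any origin" if srcs.any? { |s| s == "*" || s.match?(/\Ahttps?:\z/i) }
  findings
end

if $PROGRAM_NAME == __FILE__
  # Constructed sample headers, not captured from any real site.
  [
    "",
    "default-src 'self'; script-src 'self' 'unsafe-inline'",
    "default-src 'self' 'unsafe-inline'; img-src *",
    "default-src 'self'; script-src 'self' 'nonce-d2f8c1a9'",
  ].each { |h| puts "#{h.inspect} => #{csp_findings(h).inspect}" }
end
```

Run it against the header your instance actually emits (for example from `curl -sI` output) rather than against the setting you believe is configured; reverse proxies and CDNs sometimes strip or override the header, which is the failure mode that turns a low-severity template bug into a working XSS.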

CVSS: 4.3 | EPSS: 0% | CPEs: 4 | EXPL: 0

Discourse is a platform for community discussion. Under very specific circumstances, secure upload URLs associated with posts can be accessed by guest users even when login is required. This vulnerability has been patched in 3.2.0.beta4 and 3.1.4.

References:
https://github.com/discourse/discourse/commit/1b288236387fc0a823e4f15f1aea8dde81b49d53
https://github.com/discourse/discourse/security/advisories/GHSA-j67x-x6mq-pwv4

CWE-284: Improper Access Control