CVE-2023-45816

Unread bookmark reminder notifications that the user cannot access can be seen

Severity Score

3.3

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, there is an edge case where a bookmark reminder is sent and an unread notification is generated, but the underlying bookmarkable (e.g. post, topic, chat message) security has changed, making it so the user can no longer access the underlying resource. As of version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, bookmark reminders are now no longer sent if the user does not have access to the underlying bookmarkable, and also the unread bookmark notifications are always filtered by access. There are no known workarounds.

Discourse es una plataforma de código abierto para el debate comunitario. Antes de la versión 3.1.3 de la rama "stable" y la versión 3.2.0.beta3 de las ramas "beta" y "tests-passed", existe un caso extremo en el que se envía un recordatorio de marcador y se genera una notificación de no leídos. pero la seguridad subyacente de los marcadores (por ejemplo, publicación, tema, mensaje de chat) ha cambiado, por lo que el usuario ya no puede acceder al recurso subyacente. A partir de la versión 3.1.3 de la rama "stable" y la versión 3.2.0.beta3 de las ramas "beta" y "tests-passed", los recordatorios de marcadores ya no se envían si el usuario no tiene acceso al marcador subyacente, y además las notificaciones de marcadores no leídos siempre se filtran por acceso. No se conocen workarounds.

*Credits: N/A

CVSS Scores

NISTv3.1 3.3

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-10-13 CVE Reserved
2023-11-10 CVE Published
2023-11-17 EPSS Updated
2024-09-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CAPEC

References (3)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://github.com/discourse/discourse/commit/2c45b949ea0e9d6fa8e5af2dd07f6521ede08bf1	2023-11-16
https://github.com/discourse/discourse/commit/3c5fb871c0f54af47679ae71ad449666b01d8216	2023-11-16

URL	Date	SRC
https://github.com/discourse/discourse/security/advisories/GHSA-v9r6-92wp-f6cf	2023-11-16

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Discourse Search vendor "Discourse"		Discourse Search vendor "Discourse" for product "Discourse"				< 3.1.3 Search vendor "Discourse" for product "Discourse" and version " < 3.1.3"		stable		Affected
Discourse Search vendor "Discourse"		Discourse Search vendor "Discourse" for product "Discourse"				< 3.2.0 Search vendor "Discourse" for product "Discourse" and version " < 3.2.0"		beta		Affected
Discourse Search vendor "Discourse"		Discourse Search vendor "Discourse" for product "Discourse"				3.2.0 Search vendor "Discourse" for product "Discourse" and version "3.2.0"		beta1, beta		Affected
Discourse Search vendor "Discourse"		Discourse Search vendor "Discourse" for product "Discourse"				3.2.0 Search vendor "Discourse" for product "Discourse" and version "3.2.0"		beta2, beta		Affected