BIT-discourse-2022-36068
See a problem?- Import Source
- https://github.com/bitnami/vulndb/tree/main/data/discourse/BIT-discourse-2022-36068.json
- JSON Data
- https://api.osv.dev/v1/vulns/BIT-discourse-2022-36068
- Aliases
- Published
- 2024-03-06T11:04:46.895Z
- Modified
- 2025-02-26T07:48:40.248Z
- Summary
- [none]
- Details
-
Discourse is an open source discussion platform. In versions prior to 2.8.9 on the
stablebranch, a moderator can create new and edit existing themes by using the API when they should not be able to do so. The problem is patched in version 2.8.9 on thestablebranch. There are no known workarounds. - Database specific
{ "cpes": [ "cpe:2.3:a:discourse:discourse:*:*:*:*:*:*:*:*" ], "severity": "Medium" }- References
Affected packages
Bitnami / discourse
Package
- Name
- discourse
- Purl
- pkg:bitnami/discourse
Severity
- 7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator