CVE-2021-41140

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-41140
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-41140.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-41140
Related
  • GHSA-9358-hwg5-jrmh
Published
2021-10-19T18:15:08.030Z
Modified
2026-03-13T22:00:55.112872Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

Discourse-reactions is a plugin for the Discourse platform that allows user to add their reactions to the post. In affected versions reactions given by user to secure topics and private messages are visible. This issue is patched in version 0.2 of discourse-reaction. Users who are unable to update are advised to disable the Discourse-reactions plugin in admin panel.

References

Affected packages

Git / github.com/discourse/discourse-reactions

Affected ranges

Type
GIT
Repo
https://github.com/discourse/discourse-reactions
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
213d90b82fd15c4186ebc290fee18817d9727d0d
Type
GIT
Repo
https://github.com/discourse/discourse-reactions
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
213d90b82fd15c4186ebc290fee18817d9727d0d

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "0.2"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-41140.json"