| |
Vulnerability CVE-2022-23546
Published: 2023-01-05
| Description: |
In version 2.9.0.beta14 of Discourse, an open-source discussion platform, maliciously embedded urls can leak an admin's digest of recent topics, possibly exposing private information. A patch is available for version 2.9.0.beta15. There are no known workarounds for this issue. |
Type:
CWE-200 (Information Exposure)
References: |
https://github.com/discourse/discourse/commit/cf862e736565c6fa905c12b5dbe63d0bd056efb8
https://github.com/discourse/discourse/security/advisories/GHSA-q9jp-xv4g-328f
|
|
|
closedb();
?>
Copyright 2026, cxsecurity.com
|
|
|