CNNVD-202512-5111 Information
CNNVD ID
CNNVD-202512-5111
Related CVE
- CNNVD Published: 2025-12-30
Description (Chinese)
Discourse是Discourse开源的一套开源的社区讨论平台。该平台包括社区、电子邮件和聊天室等功能。 Discourse 3.5.3版本之前版本、2025.11.1版本之前版本和2025.12.0版本之前版本存在安全漏洞,该漏洞源于攻击者可发现用户及其全名,可能导致信息泄露。
Description (English)
Discourse is an open-source community discussion platform for Discourse. The platform includes community, e-mail and chat rooms. There was a security loophole in previous versions of Discourse 3.5.3, 2025.11.1 and 2025.12.0, which stemmed from the fact that the attackers could find the user and his full name and could lead to the disclosure of information.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Discourse
Published
2025-12-30
Last Modified
2026-02-24
References
https://github.com/discourse/discourse/commit/1cb45b8b287597085e3514596ffb1d9b41938f81 https://github.com/discourse/discourse/commit/6192f55629624925595dae14364fd86cac0f09df https://github.com/discourse/discourse/commit/e936a523b5900a9d866d23ea3da904ba12bb0fb2 https://github.com/discourse/discourse/security/advisories/GHSA-c59w-jwx7-34v4
Patch
https://github.com/discourse/discourse/tags
Share on: