CVE-2022-24782 Information

Description

Discourse is an open source discussion platform. Versions 2.8.2 and prior in the stable branch, 2.9.0.beta3 and prior in the beta branch, and 2.9.0.beta3 and prior in the tests-passed branch are vulnerable to a data leak. Users can request an export of their own activity. Because of category settings, a user may hold category membership for a secure (read-restricted) category; the name of that secure category is shown to the user in the export even though the user is not allowed to see the category. The same leak occurs when one of the user's posts has been moved into a secure category. A patch for this issue is available in the main branch of Discourse's GitHub repository and is anticipated to be part of future releases.
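The following Ruby script is an added illustration of the bug class described above and is not Discourse's own code, data or patch. It models a user activity export that can name a category in two places, the user's posts and the user's per-category notification preferences, and shows the exporter once without a visibility check (the leak) and once with one. The Struct models, the sample rows, the can_see_category? check and the export functions are all constructed for this example; the real Discourse export, its column layout and the Guardian checks in the linked fix are not reproduced here.

```ruby
# Added example for CVE-2022-24782 (constructed; not Discourse's own code or data).
# A user export that resolves category names by id alone leaks the names of
# read-restricted categories. The fixed exporter blanks the name unless the
# requesting user is allowed to see the category.

Category     = Struct.new(:id, :name, :read_restricted, :allowed_group_ids, keyword_init: true)
Post         = Struct.new(:id, :user_id, :category_id, :raw, keyword_init: true)
CategoryUser = Struct.new(:user_id, :category_id, :notification_level, keyword_init: true)
User         = Struct.new(:id, :username, :group_ids, keyword_init: true)

# Constructed sample data. Category 2 is read-restricted to members of group 10.
CATEGORIES = {
  1 => Category.new(id: 1, name: "General", read_restricted: false, allowed_group_ids: []),
  2 => Category.new(id: 2, name: "Acme Merger Planning", read_restricted: true, allowed_group_ids: [10]),
}
POSTS = [
  Post.new(id: 100, user_id: 7, category_id: 1, raw: "first post"),
  # Authored in General, later moved by staff into the restricted category.
  Post.new(id: 101, user_id: 7, category_id: 2, raw: "post that was moved"),
]
# A preference row that survived the category becoming restricted.
CATEGORY_USERS = [
  CategoryUser.new(user_id: 7, category_id: 2, notification_level: 3),
]

# Stand-in for the permission check a forum's guardian object performs:
# read-restricted categories are visible only to members of an allowed group.
def can_see_category?(user, category)
  return false if category.nil?
  return true unless category.read_restricted
  (user.group_ids & category.allowed_group_ids).any?
end

# Quote one CSV field in RFC 4180 style.
def csv_field(value)
  s = value.to_s
  s =~ /[",\n]/ ? "\"#{s.gsub('"', '""')}\"" : s
end

def csv_line(row)
  row.map { |v| csv_field(v) }.join(",")
end

# Vulnerable exporter: the category name is looked up by id with no check, so
# the export names a category the user is not allowed to see.
def export_vulnerable(user)
  rows = []
  POSTS.select { |p| p.user_id == user.id }.each do |p|
    rows << ["post", p.id, CATEGORIES[p.category_id].name, p.raw]
  end
  CATEGORY_USERS.select { |cu| cu.user_id == user.id }.each do |cu|
    rows << ["category_preference", cu.category_id, CATEGORIES[cu.category_id].name, cu.notification_level]
  end
  rows.map { |r| csv_line(r) }
end

# Fixed exporter: same rows, but the name is emitted only when the requesting
# user passes the visibility check; otherwise the field is left empty.
def export_fixed(user)
  visible_name = lambda do |category_id|
    category = CATEGORIES[category_id]
    can_see_category?(user, category) ? category.name : ""
  end
  rows = []
  POSTS.select { |p| p.user_id == user.id }.each do |p|
    rows << ["post", p.id, visible_name.call(p.category_id), p.raw]
  end
  CATEGORY_USERS.select { |cu| cu.user_id == user.id }.each do |cu|
    rows << ["category_preference", cu.category_id, visible_name.call(cu.category_id), cu.notification_level]
  end
  rows.map { |r| csv_line(r) }
end

# Regression check: true if any exported line contains the name of a category
# the user cannot see.
def leaks_secure_category_name?(user, lines)
  hidden = CATEGORIES.values.reject { |c| can_see_category?(user, c) }.map(&:name)
  lines.any? { |l| hidden.any? { |n| l.include?(n) } }
end

if __FILE__ == $PROGRAM_NAME
  alice = User.new(id: 7, username: "alice", group_ids: [])
  puts "vulnerable export:", export_vulnerable(alice)
  puts "fixed export:", export_fixed(alice)
end
```

The point to carry over to any export or reporting feature is that a derived field (here the category name joined in by id) needs the same authorization check as the page that normally displays it; the row can be kept for completeness while the sensitive field is withheld. Note that the fixed exporter still emits the numeric category id, which reveals that a restricted category exists but not its name; whether that is acceptable is a separate design decision.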

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Reference

https://github.com/discourse/discourse/pull/16273
https://github.com/discourse/discourse/commit/9d5737fd28374cc876c070f6c3a931a8071ec356
https://github.com/discourse/discourse/security/advisories/GHSA-c3cq-w899-f343

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

Base Score

4.3

Base Severity

MEDIUM
