CVE-2022-37458 Information

Description

Discourse through 2.8.7 allows admins to send invitations to arbitrary email addresses at an unlimited rate.

Reference

https://www.enisa.europa.eu/topics/threat-risk-management/vulnerability-disclosure https://github.com/discourse/discourse/tags https://github.com/discourse/discourse/security/advisories/GHSA-q2rg-m477-8wg7