CVE-2023-31142 Information

Description

Discourse is an open source discussion platform. Prior to version 3.0.4 of the stable branch and version 3.1.0.beta5 of the beta and tests-passed branches if a site has modified their general category permissions they could be set back to the default. This issue is patched in version 3.0.4 of the stable branch and version 3.1.0.beta5 of the beta and tests-passed branches. A workaround only if you are modifying the general category permissions is to use a new category for the same purpose.

Reference

https://github.com/discourse/discourse/security/advisories/GHSA-286w-97m2-78x2