CVE-2019-1020017
Published
CVSS v3
5.3
MEDIUM
CVSS v2
5
MEDIUM
Affected
1
PROJECT
Description
Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmation screen when logging in via a user-api OTP.
Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmation screen when logging in via a user-api OTP.
GitHub