CVE-2019-1020018

Published July 29th, 2019

View on NVD ↗

CVSS v3

7.3

HIGH

CVSS v2

7.5

HIGH

Affected

1

PROJECT

Description

Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmation screen when logging in via an email link.

discourse/discourse

A platform for community discussion. Free, open, simple.

GitHub

47.3K