CVE-2020-24327

Published September 23rd, 2021

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

MEDIUM

Affected

PROJECT

Description

Server Side Request Forgery (SSRF) vulnerability exists in Discourse 2.3.2 and 2.6 via the email function. When writing an email in an editor, you can upload pictures of remote websites.

discourse/discourse

A platform for community discussion. Free, open, simple.

GitHub

47.3K