CVE-2021-37703
on github
Published
Severity
CVSS v3:
4.3 MEDIUM
CVSS v2:
4.3 MEDIUM
Description
Discourse is an open-source platform for community discussion. In Discourse before versions 2.7.8 and 2.8.0.beta5, a user's read state for a topic such as the last read post number and the notification level is exposed.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:discourse:discourse:2.8.0:beta1:*:*:*:*:*:* | n/a | n/a | 2.8.0 |
cpe:2.3:a:discourse:discourse:2.8.0:beta2:*:*:*:*:*:* | n/a | n/a | 2.8.0 |
cpe:2.3:a:discourse:discourse:2.8.0:beta3:*:*:*:*:*:* | n/a | n/a | 2.8.0 |
cpe:2.3:a:discourse:discourse:*:*:*:*:*:*:*:* | n/a | 2.7.8 | * |
cpe:2.3:a:discourse:discourse:2.8.0:beta4:*:*:*:*:*:* | n/a | n/a | 2.8.0 |