CVE-2022-21678

discourse/discourse
on github

Published

Severity

CVSS v3:
4.3 MEDIUM
CVSS v2:
4 MEDIUM

Description

Discourse is an open source discussion platform. Prior to version 2.8.0.beta11 in the `tests-passed` branch, version 2.8.0.beta11 in the `beta` branch, and version 2.7.13 in the `stable` branch, the bios of users who made their profiles private were still visible in the `<meta>` tags on their users' pages. The problem is patched in `tests-passed` version 2.8.0.beta11, `beta` version 2.8.0.beta11, and `stable` version 2.7.13 of Discourse.

References

Configurations

CPE23Version StartVersion EndExact Version
cpe:2.3:a:discourse:discourse:2.8.0:beta1:*:*:*:*:*:*n/an/a2.8.0
cpe:2.3:a:discourse:discourse:2.8.0:beta2:*:*:*:*:*:*n/an/a2.8.0
cpe:2.3:a:discourse:discourse:2.8.0:beta3:*:*:*:*:*:*n/an/a2.8.0
cpe:2.3:a:discourse:discourse:2.8.0:beta4:*:*:*:*:*:*n/an/a2.8.0
cpe:2.3:a:discourse:discourse:2.8.0:beta5:*:*:*:*:*:*n/an/a2.8.0
cpe:2.3:a:discourse:discourse:2.8.0:beta6:*:*:*:*:*:*n/an/a2.8.0
cpe:2.3:a:discourse:discourse:2.8.0:beta7:*:*:*:*:*:*n/an/a2.8.0
cpe:2.3:a:discourse:discourse:2.8.0:beta9:*:*:*:*:*:*n/an/a2.8.0
cpe:2.3:a:discourse:discourse:2.8.0:beta10:*:*:*:*:*:*n/an/a2.8.0
cpe:2.3:a:discourse:discourse:*:*:*:*:*:*:*:*n/a2.7.13*
cpe:2.3:a:discourse:discourse:2.8.0:beta8:*:*:*:*:*:*n/an/a2.8.0

External Links