CVE-2023-31142
on github
Published
Severity
CVSS v3:
5.3 MEDIUM
CVSS v2:
N/A
Description
Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches, if a site has modified their general category permissions, they could be set back to the default. This issue is patched in version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches. A workaround, only if you are modifying the general category permissions, is to use a new category for the same purpose.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:discourse:discourse:3.1.0:beta1:*:*:beta:*:*:* | n/a | n/a | 3.1.0 |
cpe:2.3:a:discourse:discourse:3.1.0:beta2:*:*:beta:*:*:* | n/a | n/a | 3.1.0 |
cpe:2.3:a:discourse:discourse:3.1.0:beta3:*:*:beta:*:*:* | n/a | n/a | 3.1.0 |
cpe:2.3:a:discourse:discourse:3.1.0:beta4:*:*:beta:*:*:* | n/a | n/a | 3.1.0 |
cpe:2.3:a:discourse:discourse:*:*:*:*:stable:*:*:* | n/a | 3.0.4 | * |