CVE-2021-43793

Summary

Discourse is an open source discussion platform. In affected versions a vulnerability in the Polls feature allowed users to vote multiple times in a single-option poll. The problem is patched in the latest tests-passed, beta and stable versions of Discourse

Affected Software

VendorProductVersion RangeStatus
discoursediscoursestable < 2.7.11affected
discoursediscoursetests-passed < 2.8.0.beta9affected

Weaknesses

  • CWE-269: CWE-269: Improper Privilege Management

ADP Enrichment

CVE Program Container

Additional References

References