CVE-2023-23624
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
Discourse is an open-source discussion platform. Prior to version 3.0.1 on the stable branch and version 3.1.0.beta2 on the beta and tests-passed branches, someone can use the exclude_tag param to filter out topics and deduce which ones were using a specific hidden tag. This affects any Discourse site using hidden tags in public categories. This issue is patched in version 3.0.1 on the stable branch and version 3.1.0.beta2 on the beta and tests-passed branches. As a workaround, secure any categories that are using hidden tags, change any existing hidden tags to not include private data, or remove any hidden tags currently in use.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| discourse | discourse | < 3.0.1 | affected |
| discourse | discourse | = 3.1.0.beta1 | affected |
Weaknesses
- CWE-200: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/discourse/discourse/security/advisories/GHSA-qgj5-g5vf-fm7q
- https://github.com/discourse/discourse/pull/20006
- https://github.com/discourse/discourse/commit/f55e0fe7910149c431861c18ce407d1be0d6091a
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://github.com/discourse/discourse/security/advisories/GHSA-qgj5-g5vf-fm7q
- https://github.com/discourse/discourse/pull/20006
- https://github.com/discourse/discourse/commit/f55e0fe7910149c431861c18ce407d1be0d6091a
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.