CVE-2024-36122 | Discourse up to 3.2.2/3.3.0.beta3 Setting information disclosure

Inserito da Angelo Barbosa | Lug 3, 2024 | CVE

A vulnerability classified as problematic has been found in Discourse up to 3.2.2/3.3.0.beta3. Affected is an unknown function of the component Setting Handler. The manipulation leads to information disclosure.

This vulnerability is traded as CVE-2024-36122. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-36122 | Discourse up to 3.2.2/3.3.0.beta3 Setting information disclosure

Post correlati

CVE-2024-32433 | Themefic BEAF Plugin up to 4.5.4 on WordPress cross-site request forgery

CVE-2023-47460 | Knovos Discovery 22.67.0 getGridColumnStructure sql injection

CVE-2020-11843 | OpenText NetIQ Access Manager up to 4.5 information disclosure

CVE-2014-6072 | Symfony Web Profiler cross-site request forgery