CVE-2024-24817 | Discourse discourse-calendar up to 0.3 Event Invite information disclosure

Posted by Angelo Barbosa | Feb 22, 2024 | CVE

A vulnerability, which was classified as problematic, was found in Discourse discourse-calendar up to 0.3. Affected is an unknown function of the component Event Invite Handler. The manipulation leads to information disclosure.

This vulnerability is traded as CVE-2024-24817. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-24817 | Discourse discourse-calendar up to 0.3 Event Invite information disclosure

Related Posts

CVE-2023-34168 | Alex Raven WP Report Post Plugin up to 2.1.2 on WordPress sql injection

CVE-2024-5882 | Ultimate Classified Listings Plugin up to 1.2 on WordPress ucl_page/layout access control

CVE-2023-50719 | XWiki Platform unknown vulnerability (GHSA-p6cp-6r35-32mh)

CVE-2023-42881 | Apple macOS AppleVA Remote Code Execution (HT214036)