CVE-2024-37157 | Discourse up to 3.2.2/3.3.0.beta3 server-side request forgery

Posted by Angelo Barbosa | Jul 3, 2024 | CVE

A vulnerability classified as critical was found in Discourse up to 3.2.2/3.3.0.beta3. Affected by this vulnerability is an unknown functionality. The manipulation leads to server-side request forgery.

This vulnerability is known as CVE-2024-37157. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-37157 | Discourse up to 3.2.2/3.3.0.beta3 server-side request forgery

Related Posts

CVE-2024-26908 | Linux Kernel up to 6.7.10 xen smp.c kasprintf null pointer dereference

CVE-2024-5600 | happymonkeyagency SCSS Happy Compiler Plugin up to 1.3.10 on WordPress Setting import_settings authorization

CVE-2024-4088 | shafayat-alam Gutenberg Blocks and Page Layouts Plugin up to 1.9.2 on WordPress disable_fe_assets cross-site request forgery

CVE-2024-44030 | Mestres do WP Checkout Mestres WP Plugin up to 8.6 on WordPress path traversal