漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Reaction data for user notifications exposed in Discourse-reactions
Vulnerability Description
Discourse-reactions is a plugin that allows user to add their reactions to the post. Data about a user's reaction notifications could be exposed. This vulnerability was patched in commit 2c26939.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
Discourse 访问控制错误漏洞
Vulnerability Description
Discourse是一套开源的社区讨论平台。该平台包括社区、电子邮件和聊天室等功能。 Discourse-reactions 2c26939之前版本存在访问控制错误漏洞,该漏洞源于允许用户将他们的eaction 添加到帖子中,该数据可能会被暴露。
CVSS Information
N/A
Vulnerability Type
N/A