5.3

CVE-2023-23624

Discourse is an open-source discussion platform. Prior to version 3.0.1 on the `stable` branch and version 3.1.0.beta2 on the `beta` and `tests-passed` branches, someone can use the `exclude_tag param` to filter out topics and deduce which ones were using a specific hidden tag. This affects any Discourse site using hidden tags in public categories. This issue is patched in version 3.0.1 on the `stable` branch and version 3.1.0.beta2 on the `beta` and `tests-passed` branches. As a workaround, secure any categories that are using hidden tags, change any existing hidden tags to not include private data, or remove any hidden tags currently in use.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DiscourseDiscourse SwEditionstable Version < 3.0.1
DiscourseDiscourse Version1.1.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.1.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.1.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.1.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.1.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.1.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.1.0 Updatebeta6b SwEditionbeta
DiscourseDiscourse Version1.1.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.1.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta12 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta12 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta13 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta13b SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta14 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta12 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta12 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta13 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta12 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta13 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta14 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta15 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta16 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta17 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version2.1.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.1.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.1.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.1.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.1.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.1.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version2.5.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.5.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.5.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.5.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.5.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.5.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.5.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version2.6.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.6.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.6.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.6.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.6.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.6.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta12 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta13 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta14 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version3.0.0 Updatebeta15 SwEditionbeta
DiscourseDiscourse Version3.0.0 Updatebeta16 SwEditionbeta
DiscourseDiscourse Version3.1.0 Updatebeta1 SwEditionbeta
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.26% 0.492
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
security-advisories@github.com 4.3 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.