4.8

CVE-2025-32376

Discourse DM limits aren’t always properly enforced

Discourse is an open-source discussion platform. Prior to versions 3.4.3 on the stable branch and 3.5.0.beta3 on the beta branch, the users limit for a DM can be bypassed, thus giving the ability to potentially create a DM with every user from a site in it. This issue has been patched in stable version 3.4.3 and beta version 3.5.0.beta3.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DiscourseDiscourse SwEditionstable Version < 3.4.3
DiscourseDiscourse Version1.1.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.1.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.1.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.1.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.1.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.1.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.1.0 Updatebeta6b SwEditionbeta
DiscourseDiscourse Version1.1.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.1.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.2.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.3.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta12 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.4.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta12 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta13 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta13b SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta14 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.5.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta12 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.6.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.7.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta12 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta13 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.8.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta12 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta13 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta14 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta15 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta16 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta17 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version1.9.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version2.0.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version2.1.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.1.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.1.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.1.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.1.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.1.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version2.2.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version2.3.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version2.4.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version2.5.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.5.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.5.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.5.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.5.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.5.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.5.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version2.6.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.6.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.6.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.6.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.6.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.6.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version2.7.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version2.8.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta10 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta11 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta12 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta13 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta14 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version2.9.0 Updatebeta9 SwEditionbeta
DiscourseDiscourse Version3.0.0 Updatebeta15 SwEditionbeta
DiscourseDiscourse Version3.0.0 Updatebeta16 SwEditionbeta
DiscourseDiscourse Version3.1.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version3.1.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version3.1.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version3.1.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version3.1.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version3.1.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version3.1.0 Updatebeta7 SwEditionbeta
DiscourseDiscourse Version3.1.0 Updatebeta8 SwEditionbeta
DiscourseDiscourse Version3.2.0 SwEditionbeta
DiscourseDiscourse Version3.2.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version3.2.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version3.2.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version3.2.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version3.3.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version3.3.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version3.3.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version3.3.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version3.3.0 Updatebeta5 SwEditionbeta
DiscourseDiscourse Version3.3.0 Updatebeta6 SwEditionbeta
DiscourseDiscourse Version3.4.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version3.4.0 Updatebeta2 SwEditionbeta
DiscourseDiscourse Version3.4.0 Updatebeta3 SwEditionbeta
DiscourseDiscourse Version3.4.0 Updatebeta4 SwEditionbeta
DiscourseDiscourse Version3.5.0 Updatebeta1 SwEditionbeta
DiscourseDiscourse Version3.5.0 Updatebeta2 SwEditionbeta
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.22% 0.118
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
security-advisories@github.com 4.8 0 0
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

https://github.com/discourse/discourse/security/advisories/GHSA-mqqq-h2x3-46fr
Vendor Advisory
https://github.com/discourse/discourse/commit/21a7f3162221c393f9bb13721451aa7f237d881a
Patch