Unrated severityNVD Advisory· Published Sep 23, 2021· Updated Aug 4, 2024
CVE-2020-24327
CVE-2020-24327
Description
Server Side Request Forgery (SSRF) vulnerability exists in Discourse 2.3.2 and 2.6 via the email function. When writing an email in an editor, you can upload pictures of remote websites.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Discourse/Discoursedescription
- Range: 2.3.2, 2.6
Patches
Vulnerability mechanics
References
2- github.com/discourse/discourse/pull/10509mitrex_refsource_MISC
- github.com/purple-WL/Discourse-sending-email-function-exist-Server-side-request-forgery-SSRF-/issues/1mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.