Unrated severityNVD Advisory· Published Jan 27, 2023· Updated Mar 10, 2025
Discourse restricted tag routes leak topic information
CVE-2023-23620
Description
Discourse is an open-source discussion platform. Prior to version 3.0.1 on the stable branch and 3.1.0.beta2 on the beta and tests-passed branches, the contents of latest/top routes for restricted tags can be accessed by unauthorized users. This issue is patched in version 3.0.1 on the stable branch and 3.1.0.beta2 on the beta and tests-passed branches. There are no known workarounds.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3< 3.0.1 on stable; < 3.1.0.beta2 on beta/tests-passed+ 1 more
- (no CPE)range: < 3.0.1 on stable; < 3.1.0.beta2 on beta/tests-passed
- (no CPE)range: 3.1.0.beta1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.