Unrated severityNVD Advisory· Published Dec 19, 2024· Updated Dec 20, 2024
Moderators can view Screened emails even when the “moderators view emails” option is disabled in Discourse
CVE-2024-52589
Description
Discourse is an open source platform for community discussion. Moderators can see the Screened emails list in the admin dashboard, and through that can learn the email of a user. This problem is patched in the latest version of Discourse. Users unable to upgrade should remove moderator role from untrusted users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3(expand)+ 1 more
- (no CPE)
- (no CPE)range: stable: <= 3.3.2
Patches
Vulnerability mechanics
References
1- github.com/discourse/discourse/security/advisories/GHSA-cqw6-rr3v-8fffmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.