CVE-2023-23622

Published on: Not Yet Published

Last Modified on: 03/17/2023 03:44:00 PM UTC

CVE-2023-23622 - advisory for GHSA-2wvr-4x7w-v795

Source: Mitre Source: NIST CVE.ORG Print: PDF PDF

Certain versions of Discourse from Discourse contain the following vulnerability:

Discourse is an open-source discussion platform. Prior to version 3.0.1 of the `stable` branch and version 3.1.0.beta2 of the `beta` and `tests-passed` branches, the count of topics displayed for a tag is a count of all regular topics regardless of whether the topic is in a read restricted category or not. As a result, any users can technically poll a sensitive tag to determine if a new topic is created in a category which the user does not have excess to. In version 3.0.1 of the `stable` branch and version 3.1.0.beta2 of the `beta` and `tests-passed` branches, the count of topics displayed for a tag defaults to only counting regular topics which are not in read restricted categories. Staff users will continue to see a count of all topics regardless of the topic's category read restrictions.

  • CVE-2023-23622 has been assigned by URL Logo [email protected] to track the vulnerability
  • Affected Vendor/Software: URL Logo discourse - discourse version = stable < 3.0.1
  • Affected Vendor/Software: URL Logo discourse - discourse version = beta < 3.1.0.beta2
  • Affected Vendor/Software: URL Logo discourse - discourse version = tests-passed < 3.1.0.beta2

CVE References

Description Tags Link
Presence of read restricted topics may be leaked if tagged with a tag that is visible to all users · Advisory · discourse/discourse · GitHub github.com
text/html
URL Logo MISC github.com/discourse/discourse/security/advisories/GHSA-2wvr-4x7w-v795
SECURITY: only show restricted tag lists to authorized users (#20005) · discourse/[email protected] · GitHub github.com
text/html
URL Logo MISC github.com/discourse/discourse/commit/ecb9aa5dba94741d9579f4f873f0675f48b4184f
SECURITY: only show restricted tag lists to authorized users by nbianca · Pull Request #20005 · discourse/discourse · GitHub github.com
text/html
URL Logo MISC github.com/discourse/discourse/pull/20005
SECURITY: only show restricted tag lists to authorized users (#20004) · discourse/[email protected] · GitHub github.com
text/html
URL Logo MISC github.com/discourse/discourse/commit/105fee978d73b0ec23ff814a09d1c0c9ace95164
SECURITY: only show restricted tag lists to authorized users by nbianca · Pull Request #20004 · discourse/discourse · GitHub github.com
text/html
URL Logo MISC github.com/discourse/discourse/pull/20004

Known Affected Software

Vendor Product Version
Discourse discourse= stable < 3.0.1
Discourse discourse= beta < 3.1.0.beta2
Discourse discourse= tests-passed < 3.1.0.beta2

Social Mentions

Source Title Posted (UTC)
Twitter Icon @CVEreport CVE-2023-23622 : Discourse is an open-source discussion platform. Prior to version 3.0.1 of the `stable` branch and… twitter.com/i/web/status/1… 2023-03-17 15:05:27
Reddit Logo Icon /r/netcve CVE-2023-23622 2023-03-17 16:38:22
© CVE.report 2023 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report