Discourse is an open source platform for community discussion. In affected versions users who disable chat in preferences could still be reachable in some cases. This problem has been patched in the latest version of Discourse. Users are advised to upgrade. Users unable to upgrade should disable the chat plugin within site settings.
History

Wed, 05 Feb 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 04 Feb 2025 21:30:00 +0000

Type Values Removed Values Added
Description Discourse is an open source platform for community discussion. In affected versions users who disable chat in preferences could still be reachable in some cases. This problem has been patched in the latest version of Discourse. Users are advised to upgrade. Users unable to upgrade should disable the chat plugin within site settings.
Title Potential bypass of chat permissions in Discourse
Weaknesses CWE-281
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2025-02-04T21:12:23.126Z

Updated: 2025-02-04T21:41:27.327Z

Reserved: 2024-11-25T23:14:36.382Z

Link: CVE-2024-53994

cve-icon Vulnrichment

Updated: 2025-02-04T21:41:21.575Z

cve-icon NVD

Status : Received

Published: 2025-02-04T22:15:40.640

Modified: 2025-02-04T22:15:40.640

Link: CVE-2024-53994

cve-icon Redhat

No data.