CVE-2024-52589
CVSS 3.1 Score 2.2 of 10 (low)
Details
Published Dec 19, 2024
CWE ID 200
Summary
CVE-2024-52589 is a vulnerability affecting Discourse, an open source community discussion platform. In its unpatched state, moderators are able to view a list of Screened emails in the admin dashboard, potentially revealing the email addresses of users. This issue has been rectified in the latest version of Discourse. For organizations unable to upgrade immediately, it is recommended to remove moderator roles from untrusted users as a temporary mitigation measure.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share