CVE-2024-53994

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Feb 4, 2025

CWE ID 281

Summary

CVE-2024-53994 affects Discourse, an open-source community discussion platform. Even if users have disabled chat in their preferences, they may still be reachable in certain instances. This vulnerability has been addressed in the latest version of Discourse, and it is strongly recommended that users upgrade as soon as possible. For those who cannot upgrade right away, disabling the chat plugin in site settings is an interim measure to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Discourse

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/06a-8E
https://www.cve.org/CVERecord?id=CVE-2024-53994
https://nvd.nist.gov/vuln/detail/CVE-2024-53994

Back to Vulnerability Database

CVE-2024-53994

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations