CVE-2024-24748

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Mar 15, 2024

Updated: Mar 17, 2024

CWE ID 200

Summary

CVE-2024-24748 is a vulnerability affecting Discourse, an open-source community discussion platform. In exploited versions of the software, an attacker can identify the existence of a secret subcategory under a public category that does not have any publicly visible subcategories. This issue has been addressed in the latest stable, beta, and tests-passed versions of Discourse. It is recommended that users upgrade their software to mitigate this risk, as no known workarounds are available for this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uVGFJ5
https://www.cve.org/CVERecord?id=CVE-2024-24748
https://nvd.nist.gov/vuln/detail/CVE-2024-24748

Back to Vulnerability Database

CVE-2024-24748

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations