Maxchang3

Name of the Vulnerable Software and Affected Versions: giscus (affected versions not specified) Description: A bug in giscus' discussions creation API allowed an unauthorized user to create discussions on any repository where giscus is installed. This affects the server-side part of giscus, which is provided via http://giscus.app or your own self-hosted service. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.