CVE-2022-21642

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2.7.13 Discourse versions prior to 2.8.0.beta11

Description Discourse is an open source platform for community discussion. In affected versions, when composing a message from a topic, the composer user suggestions reveal whisper participants. The issue has been patched in stable version 2.7.13 and beta version 2.8.0.beta11.

Recommendations For versions prior to 2.7.13, upgrade to version 2.7.13 or later. For versions prior to 2.8.0.beta11, upgrade to version 2.8.0.beta11 or later.