PT-2022-16903 · Discourse · Discourse

Pmusaraj · Published 2022-04-14 · Updated 2024-03-06 · CVE-2022-24824

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions

Discourse versions prior to the latest stable, beta and tests-passed versions

Description

The issue affects Discourse, an open source platform for community discussion. An attacker can poison the cache for anonymous users, causing them to see the crawler view of the site instead of the HTML page, leading to a partial denial-of-service.

Recommendations

Update to the latest stable, beta, or tests-passed version of Discourse to resolve the issue. As a temporary workaround, consider restricting access to anonymous users or implementing additional caching controls until a patch is applied.

Exploit

Fix

DoS

Weakness Enumeration

Related Identifiers

BIT-DISCOURSE-2022-24824
CVE-2022-24824
GHSA-46V9-3JC4-F53W

Affected Products

Discourse