CVE-2022-31096

Name of the Vulnerable Software and Affected Versions Discourse (affected versions not specified)

Description The issue allows a logged-in user to redeem an invite with an email that either doesn't match the invite's email or does not adhere to the email domain restriction of an invite link. This flaw can lead to a user being incorrectly added to restricted groups, potentially allowing them to view restricted content.

Recommendations To resolve the issue, users are advised to upgrade to the current stable releases. At the moment, there is no information about specific versions that contain a fix for this vulnerability.