CVE-2023-44391

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 3.1.1 Discourse versions prior to 3.2.0.beta2

Description Discourse is an open source platform for community discussion. User summaries are accessible for anonymous users even when hide user profiles from public is enabled.

Recommendations For versions prior to 3.1.1, upgrade to version 3.1.1 or later. For versions prior to 3.2.0.beta2, upgrade to version 3.2.0.beta2 or later. As a temporary workaround, consider restricting access to user summaries for anonymous users until a patch is available.