CVE-2024-28242

Name of the Vulnerable Software and Affected Versions Discourse versions prior to the latest stable, beta and tests-passed version

Description The issue allows an attacker to discover the existence of secret categories when they have backgrounds set. This is a problem in an open source platform for community discussion. Users unable to upgrade should temporarily remove category backgrounds.

Recommendations For versions prior to the latest stable, beta and tests-passed version, upgrade to the latest version. As a temporary workaround, consider removing category backgrounds until the issue is resolved.