CVE-2022-23546
In version 2.9.0.beta14 of Discourse, an open-source discussion platform, maliciously embedded urls can leak an admin's digest of recent topics, possibly exposing private information. A patch is available for version 2.9.0.beta15. There are no known workarounds for this issue.
| Software | From | Fixed in |
|---|---|---|
| discourse / discourse | 2.9.0-beta1 | 2.9.0-beta1.x |
| discourse / discourse | 2.9.0-beta2 | 2.9.0-beta2.x |
| discourse / discourse | 2.9.0-beta3 | 2.9.0-beta3.x |
| discourse / discourse | 2.9.0-beta4 | 2.9.0-beta4.x |
| discourse / discourse | 2.9.0-beta5 | 2.9.0-beta5.x |
| discourse / discourse | 2.9.0-beta7 | 2.9.0-beta7.x |
| discourse / discourse | 2.9.0-beta8 | 2.9.0-beta8.x |
| discourse / discourse | 2.9.0-beta6 | 2.9.0-beta6.x |
| discourse / discourse | 2.9.0-beta10 | 2.9.0-beta10.x |
| discourse / discourse | 2.9.0-beta11 | 2.9.0-beta11.x |
| discourse / discourse | 2.9.0-beta12 | 2.9.0-beta12.x |
| discourse / discourse | - | 2.9.0 |
| discourse / discourse | 2.9.0-beta13 | 2.9.0-beta13.x |
| discourse / discourse | 2.9.0-beta14 | 2.9.0-beta14.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime