CVE-2022-24866

Discourse Assign is a plugin for assigning users to a topic in Discourse, an open-source messaging platform. Prior to version 1.0.1, the UserBookmarkSerializer serialized the whole User / Group object, which leaked some private information. The data was only being serialized to people who could view assignment info, which is limited to staff by default. For the vast majority of sites, this data was only leaked to trusted staff member, but for sites with assign features enabled publicly, the data was accessible to more people than just staff. Version 1.0.1 contains a patch. There are currently no known workarounds.

CVSS v3 4.3 MEDIUM
CVSS v2.0 4.0 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://github.com/discourse/discourse-assign/pull/320	Issue Tracking Patch Third Party Advisory
https://github.com/discourse/discourse-assign/security/advisories/GHSA-9xhf-wvjx-f5w9	Third Party Advisory
https://github.com/discourse/discourse-assign/pull/320	Issue Tracking Patch Third Party Advisory
https://github.com/discourse/discourse-assign/security/advisories/GHSA-9xhf-wvjx-f5w9	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:discourse:assign:*:*:*:*:*:discourse:*:*

History

21 Nov 2024, 06:51

Type	Values Removed	Values Added
References	~~() https://github.com/discourse/discourse-assign/pull/320 - Issue Tracking, Patch, Third Party Advisory~~	() https://github.com/discourse/discourse-assign/pull/320 - Issue Tracking, Patch, Third Party Advisory
References	~~() https://github.com/discourse/discourse-assign/security/advisories/GHSA-9xhf-wvjx-f5w9 - Third Party Advisory~~	() https://github.com/discourse/discourse-assign/security/advisories/GHSA-9xhf-wvjx-f5w9 - Third Party Advisory

06 May 2022, 14:08

Type	Values Removed	Values Added
CPE		cpe:2.3:a:discourse:assign::::::discourse::*
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.0 v3 : 4.3
CWE		CWE-200
References	~~(CONFIRM) https://github.com/discourse/discourse-assign/security/advisories/GHSA-9xhf-wvjx-f5w9 -~~	(CONFIRM) https://github.com/discourse/discourse-assign/security/advisories/GHSA-9xhf-wvjx-f5w9 - Third Party Advisory
References	~~(MISC) https://github.com/discourse/discourse-assign/pull/320 -~~	(MISC) https://github.com/discourse/discourse-assign/pull/320 - Issue Tracking, Patch, Third Party Advisory

26 Apr 2022, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-04-26 19:15

Updated : 2024-11-21 06:51

NVD link : CVE-2022-24866

Mitre link : CVE-2022-24866

CVE.ORG link : CVE-2022-24866

JSON object : View

Products Affected

discourse

assign

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

4.3 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2022-24866

4.3^/10

4.0^/10

Attach tags to `CVE-2022-24866`