Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cache poisoning via maliciously-formed request in discourse
Vulnerability Description
Discourse is a platform for community discussion. In affected versions a maliciously crafted request could cause an error response to be cached by intermediate proxies. This could cause a loss of confidentiality for some content. This issue is patched in the latest stable, beta and tests-passed versions of Discourse.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
Vulnerability Type
信息暴露
Vulnerability Title
Discourse 信息泄露漏洞
Vulnerability Description
Discourse是一套开源的社区讨论平台。该平台包括社区、电子邮件和聊天室等功能。 Discourse 存在信息泄露漏洞,该漏洞源于恶意制作的请求可能会导致中间代理缓存错误响应。 这可能会导致某些内容的机密性丢失。 此问题已在最新的稳定版、测试版和通过测试的 Discourse 版本中修复。
CVSS Information
N/A
Vulnerability Type
N/A