Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Discourse: Composer mentions endpoint leaks hidden group membership through PM `allowed_names` check
Vulnerability Description
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the ComposerController#mentions endpoint reveals hidden group membership to any authenticated user who can message the group. By supplying allowed_names referencing a hidden-membership group and probing arbitrary usernames, an attacker can infer membership based on whether user_reasons returns "private" for a given user. This bypasses group member-visibility controls. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain a patch. To work around this issue, restrict the messageable policy of any hidden-membership group to staff or group members only, so untrusted users cannot reach the vulnerable code path.
CVSS Information
N/A
Vulnerability Type
信息暴露
Vulnerability Title
Discourse 安全漏洞
Vulnerability Description
Discourse是Discourse开源的一套开源的社区讨论平台。该平台包括社区、电子邮件和聊天室等功能。 Discourse 2026.3.0-latest.1之前版本、2026.2.1之前版本和2026.1.2之前版本存在安全漏洞,该漏洞源于ComposerController#mentions端点处理不当,可能向任何可以给群组发消息的经过身份验证的用户泄露隐藏的群组成员身份。
CVSS Information
N/A
Vulnerability Type
N/A