CVE-2026-47264— Discourse 信息泄露漏洞

Discourse: Don't leak restricted tag group names via tag info

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, DetailedTagSerializer#tag_group_names returned every tag group a tag belonged to without filtering against the requesting user's visibility. With SiteSetting.tags_listed_by_group enabled, anonymous and unprivileged users hitting TagsController#info (which is exempt from requires_login) could read the names of tag groups restricted to specific user groups or non-visible categories. This issue has been patched in versions 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

信息暴露

Discourse 信息泄露漏洞

Discourse是Discourse社区开源的一套开源的社区讨论平台。 该平台包括社区、电子邮件和聊天室等功能。 Discourse存在信息泄露漏洞，该漏洞源于DetailedTagSerializer#tag_group_names未对请求用户的可见性进行过滤，当启用SiteSetting.tags_listed_by_group设置时，匿名或低权限用户可读取受限制标签组名称，导致信息泄露。以下版本受到影响：2026.1.0-latest版本至2026.1.4之前版本、2026.3.0-latest版

N/A

N/A