CVE-2022-31182 – Discourse is the an open source discussion platform. In affected versions a maliciously cr …

Vuln ID: CVE-2022-31182

Published:  2022-08-01  20:15:08Z

Description: Discourse is the an open source discussion platform. In affected versions a maliciously crafted request for static assets could cause error responses to be cached by Discourse’s default NGINX proxy configuration. A corrected NGINX configuration is included in the latest stable, beta and tests-passed versions of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Source: NVD.NIST.GOV

 


Date:

Categorie(s):

Tag(s):