CVE-2026-33251 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, an authorization bypass vulnerability in hidden So…
Medium CVSS: 5.4

CVE-2026-33251

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, an authorization bypass vulnerability in hidden Solved topics may allow unauthorized users to accept or unaccept solutions. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain a patch. As a workaround, ensure only trusted users are part of the Site Setting for accept_all_solutions_allowed_groups.
Vendor
Discourse
Product
Discourse
CWE
CWE-863
Yayın Tarihi
2026-03-20 23:16:47
Güncelleme
2026-03-24 20:55:18
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-863 Discourse MEDIUM Discourse 2026

Referanslar

https://github.com/discourse/discourse/security/advisories/GHSA-vm2x-9h8x-7jxm