{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T13:34:28.107","vulnerabilities":[{"cve":{"id":"CVE-2022-39378","sourceIdentifier":"security-advisories@github.com","published":"2022-11-02T17:15:17.623","lastModified":"2024-11-21T07:18:10.270","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Discourse is a platform for community discussion. Under certain conditions, a user badge may have been awarded based on a user's activity in a topic with restricted access. Before this vulnerability was disclosed, the topic title of the topic associated with the user badge may be viewed by any user. If there are sensitive information in the topic title, it will therefore have been exposed. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. There are currently no known workarounds available."},{"lang":"es","value":"Discourse es una plataforma para la discusión comunitaria. Bajo ciertas condiciones, es posible que se haya otorgado una insignia de usuario en función de la actividad de un usuario en un tema con acceso restringido. Antes de que se revelara esta vulnerabilidad, cualquier usuario podía ver el título del tema asociado con la insignia de usuario. Si hay información sensible en el título del tema, por lo tanto habrá sido expuesta. Este problema está solucionado en las últimas versiones estable, beta y de prueba de Discourse. Actualmente no hay workarounds conocidos disponibles."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:*:*:*:*:*:*:*:*","versionEndExcluding":"2.8.9","matchCriteriaId":"3BC8F74E-6BEF-4A8C-AF34-A0FC24A1EDFE"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta1:*:*:*:*:*:*","matchCriteriaId":"B3803EF9-A296-42B7-887F-93C5E68E94C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta2:*:*:*:*:*:*","matchCriteriaId":"8BA3D313-3C11-43E2-A47D-CBB532D1B6F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta3:*:*:*:*:*:*","matchCriteriaId":"6F42673E-65F3-4807-9484-20CB747420FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta4:*:*:*:*:*:*","matchCriteriaId":"0B91D023-FCE5-4866-AD8B-BBB675763104"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta5:*:*:*:*:*:*","matchCriteriaId":"0086484D-0164-449C-8AAE-BE7479CB9706"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta6:*:*:*:*:*:*","matchCriteriaId":"F9D1B031-96C7-44C0-A0A0-F67ABE55C93C"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta7:*:*:*:*:*:*","matchCriteriaId":"750D2AD9-35E7-4AC7-9C22-AA90DAA34F3F"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta8:*:*:*:*:*:*","matchCriteriaId":"B68E308A-BDAB-4614-A563-4460F7996CBE"},{"vulnerable":true,"criteria":"cpe:2.3:a:discourse:discourse:2.9.0:beta9:*:*:*:*:*:*","matchCriteriaId":"5DEDE4C5-2C2A-4B74-BB41-8AAA0EE636E2"}]}]}],"references":[{"url":"https://github.com/discourse/discourse/security/advisories/GHSA-2gvq-27h6-4h5f","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/discourse/discourse/security/advisories/GHSA-2gvq-27h6-4h5f","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}