CVE-2022-37458

CVE-2022-37458

EPSS 1.1%

Discourse through 2.8.7 allows admins to send invitations to arbitrary email addresses at an unlimited rate.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/discourse/discourse/security/advisories/GHSA-q2rg-m477-8wg7 https://github.com/discourse/discourse/tags https://www.enisa.europa.eu/topics/threat-risk-management/vulnerability-disclosure