Email Exposure Vulnerability in Discourse Community Platform

CVE-2024-52589

Summary

CVE-2024-52589 identifies a vulnerability within the Discourse community platform that exposes user email addresses. Moderators with access to the admin dashboard can view screened email lists, potentially compromising user privacy. This vulnerability is crucial for site administrators to address to safeguard user information. The issue has been resolved in the latest patched version of Discourse. Admins concerned about security should ensure their systems are updated or restrict moderator access to prevent unauthorized exposure of user data.

References