Vulnerability Description
Discourse is an open source discussion platform. In affected versions a vulnerability in the Polls feature allowed users to vote multiple times in a single-option poll. The problem is patched in the latest tests-passed, beta and stable versions of Discourse
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Discourse | Discourse | < 2.7.11 |
Related Weaknesses (CWE)
References
- https://github.com/discourse/discourse/commit/0c6b9df77bac9c6f7c7e2eadf6fe100064PatchThird Party Advisory
- https://github.com/discourse/discourse/commit/1d0faedfbc3a8b77b971dc70d25e30791dPatchThird Party Advisory
- https://github.com/discourse/discourse/security/advisories/GHSA-jq7h-44vc-h6qxThird Party Advisory
- https://github.com/discourse/discourse/commit/0c6b9df77bac9c6f7c7e2eadf6fe100064PatchThird Party Advisory
- https://github.com/discourse/discourse/commit/1d0faedfbc3a8b77b971dc70d25e30791dPatchThird Party Advisory
- https://github.com/discourse/discourse/security/advisories/GHSA-jq7h-44vc-h6qxThird Party Advisory
FAQ
What is CVE-2021-43793?
CVE-2021-43793 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Discourse is an open source discussion platform. In affected versions a vulnerability in the Polls feature allowed users to vote multiple times in a single-option poll. The problem is patched in the l...
How severe is CVE-2021-43793?
CVE-2021-43793 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-43793?
Check the references section above for vendor advisories and patch information. Affected products include: Discourse Discourse.