CVE-2025-22601 - Discourse Username Hijacking Vulnerability
CVE ID : CVE-2025-22601 Published : Feb. 4, 2025, 9:15 p.m. | 1 hour, 29 minutes ago Description : Discourse is an open source platform for community discussion. In affected versions an attacker can trick a target user to make changes to their own username via carefully crafted link using the `activate-account` route. This problem has been patched in the latest version of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability. Severity: 3.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22601
Published : Feb. 4, 2025, 9:15 p.m. | 1 hour, 29 minutes ago
Description : Discourse is an open source platform for community discussion. In affected versions an attacker can trick a target user to make changes to their own username via carefully crafted link using the `activate-account` route. This problem has been patched in the latest version of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : Feb. 4, 2025, 9:15 p.m. | 1 hour, 29 minutes ago
Description : Discourse is an open source platform for community discussion. In affected versions an attacker can trick a target user to make changes to their own username via carefully crafted link using the `activate-account` route. This problem has been patched in the latest version of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
