CVE-2023-23935: Presence of restricted personal Discourse messages may be leaked if tagged with a tag
First published: Thu Mar 16 2023(Updated: )
Discourse is an open-source messaging platform. In versions 3.0.1 and prior on the `stable` branch and versions 3.1.0.beta2 and prior on the `beta` and `tests-passed` branches, the count of personal messages displayed for a tag is a count of all personal messages regardless of whether the personal message is visible to a given user. As a result, any users can technically poll a sensitive tag to determine if a new personal message is created even if the user does not have access to the personal message. In the patched versions, the count of personal messages tagged with a given tag is hidden by default. To revert to the old behaviour of displaying the count of personal messages for a given tag, an admin may enable the `display_personal_messages_tag_counts` site setting.
Credit: security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Discourse | <3.0.1 | |
| Discourse | =1.1.0-beta1 | |
| Discourse | =1.1.0-beta2 | |
| Discourse | =1.1.0-beta3 | |
| Discourse | =1.1.0-beta4 | |
| Discourse | =1.1.0-beta5 | |
| Discourse | =1.1.0-beta6 | |
| Discourse | =1.1.0-beta6b | |
| Discourse | =1.1.0-beta7 | |
| Discourse | =1.1.0-beta8 | |
| Discourse | =1.2.0-beta1 | |
| Discourse | =1.2.0-beta2 | |
| Discourse | =1.2.0-beta3 | |
| Discourse | =1.2.0-beta4 | |
| Discourse | =1.2.0-beta5 | |
| Discourse | =1.2.0-beta6 | |
| Discourse | =1.2.0-beta7 | |
| Discourse | =1.2.0-beta8 | |
| Discourse | =1.2.0-beta9 | |
| Discourse | =1.3.0-beta1 | |
| Discourse | =1.3.0-beta10 | |
| Discourse | =1.3.0-beta11 | |
| Discourse | =1.3.0-beta2 | |
| Discourse | =1.3.0-beta3 | |
| Discourse | =1.3.0-beta4 | |
| Discourse | =1.3.0-beta5 | |
| Discourse | =1.3.0-beta6 | |
| Discourse | =1.3.0-beta7 | |
| Discourse | =1.3.0-beta8 | |
| Discourse | =1.3.0-beta9 | |
| Discourse | =1.4.0-beta1 | |
| Discourse | =1.4.0-beta10 | |
| Discourse | =1.4.0-beta11 | |
| Discourse | =1.4.0-beta12 | |
| Discourse | =1.4.0-beta2 | |
| Discourse | =1.4.0-beta3 | |
| Discourse | =1.4.0-beta4 | |
| Discourse | =1.4.0-beta5 | |
| Discourse | =1.4.0-beta6 | |
| Discourse | =1.4.0-beta7 | |
| Discourse | =1.4.0-beta8 | |
| Discourse | =1.4.0-beta9 | |
| Discourse | =1.5.0-beta1 | |
| Discourse | =1.5.0-beta10 | |
| Discourse | =1.5.0-beta11 | |
| Discourse | =1.5.0-beta12 | |
| Discourse | =1.5.0-beta13 | |
| Discourse | =1.5.0-beta13b | |
| Discourse | =1.5.0-beta14 | |
| Discourse | =1.5.0-beta2 | |
| Discourse | =1.5.0-beta3 | |
| Discourse | =1.5.0-beta4 | |
| Discourse | =1.5.0-beta5 | |
| Discourse | =1.5.0-beta6 | |
| Discourse | =1.5.0-beta7 | |
| Discourse | =1.5.0-beta8 | |
| Discourse | =1.5.0-beta9 | |
| Discourse | =1.6.0-beta1 | |
| Discourse | =1.6.0-beta10 | |
| Discourse | =1.6.0-beta11 | |
| Discourse | =1.6.0-beta12 | |
| Discourse | =1.6.0-beta2 | |
| Discourse | =1.6.0-beta3 | |
| Discourse | =1.6.0-beta4 | |
| Discourse | =1.6.0-beta5 | |
| Discourse | =1.6.0-beta6 | |
| Discourse | =1.6.0-beta7 | |
| Discourse | =1.6.0-beta8 | |
| Discourse | =1.6.0-beta9 | |
| Discourse | =1.7.0-beta1 | |
| Discourse | =1.7.0-beta10 | |
| Discourse | =1.7.0-beta11 | |
| Discourse | =1.7.0-beta2 | |
| Discourse | =1.7.0-beta3 | |
| Discourse | =1.7.0-beta4 | |
| Discourse | =1.7.0-beta5 | |
| Discourse | =1.7.0-beta6 | |
| Discourse | =1.7.0-beta7 | |
| Discourse | =1.7.0-beta8 | |
| Discourse | =1.7.0-beta9 | |
| Discourse | =1.8.0-beta1 | |
| Discourse | =1.8.0-beta10 | |
| Discourse | =1.8.0-beta11 | |
| Discourse | =1.8.0-beta12 | |
| Discourse | =1.8.0-beta13 | |
| Discourse | =1.8.0-beta2 | |
| Discourse | =1.8.0-beta3 | |
| Discourse | =1.8.0-beta4 | |
| Discourse | =1.8.0-beta5 | |
| Discourse | =1.8.0-beta6 | |
| Discourse | =1.8.0-beta7 | |
| Discourse | =1.8.0-beta8 | |
| Discourse | =1.8.0-beta9 | |
| Discourse | =1.9.0-beta1 | |
| Discourse | =1.9.0-beta10 | |
| Discourse | =1.9.0-beta11 | |
| Discourse | =1.9.0-beta12 | |
| Discourse | =1.9.0-beta13 | |
| Discourse | =1.9.0-beta14 | |
| Discourse | =1.9.0-beta15 | |
| Discourse | =1.9.0-beta16 | |
| Discourse | =1.9.0-beta17 | |
| Discourse | =1.9.0-beta2 | |
| Discourse | =1.9.0-beta3 | |
| Discourse | =1.9.0-beta4 | |
| Discourse | =1.9.0-beta5 | |
| Discourse | =1.9.0-beta6 | |
| Discourse | =1.9.0-beta7 | |
| Discourse | =1.9.0-beta8 | |
| Discourse | =1.9.0-beta9 | |
| Discourse | =2.0.0-beta1 | |
| Discourse | =2.0.0-beta10 | |
| Discourse | =2.0.0-beta2 | |
| Discourse | =2.0.0-beta3 | |
| Discourse | =2.0.0-beta4 | |
| Discourse | =2.0.0-beta5 | |
| Discourse | =2.0.0-beta6 | |
| Discourse | =2.0.0-beta7 | |
| Discourse | =2.0.0-beta8 | |
| Discourse | =2.0.0-beta9 | |
| Discourse | =2.1.0-beta1 | |
| Discourse | =2.1.0-beta2 | |
| Discourse | =2.1.0-beta3 | |
| Discourse | =2.1.0-beta4 | |
| Discourse | =2.1.0-beta5 | |
| Discourse | =2.1.0-beta6 | |
| Discourse | =2.2.0-beta1 | |
| Discourse | =2.2.0-beta10 | |
| Discourse | =2.2.0-beta2 | |
| Discourse | =2.2.0-beta3 | |
| Discourse | =2.2.0-beta4 | |
| Discourse | =2.2.0-beta5 | |
| Discourse | =2.2.0-beta6 | |
| Discourse | =2.2.0-beta7 | |
| Discourse | =2.2.0-beta8 | |
| Discourse | =2.2.0-beta9 | |
| Discourse | =2.3.0-beta1 | |
| Discourse | =2.3.0-beta10 | |
| Discourse | =2.3.0-beta11 | |
| Discourse | =2.3.0-beta2 | |
| Discourse | =2.3.0-beta3 | |
| Discourse | =2.3.0-beta4 | |
| Discourse | =2.3.0-beta5 | |
| Discourse | =2.3.0-beta6 | |
| Discourse | =2.3.0-beta7 | |
| Discourse | =2.3.0-beta8 | |
| Discourse | =2.3.0-beta9 | |
| Discourse | =2.4.0-beta1 | |
| Discourse | =2.4.0-beta10 | |
| Discourse | =2.4.0-beta11 | |
| Discourse | =2.4.0-beta2 | |
| Discourse | =2.4.0-beta3 | |
| Discourse | =2.4.0-beta4 | |
| Discourse | =2.4.0-beta5 | |
| Discourse | =2.4.0-beta6 | |
| Discourse | =2.4.0-beta7 | |
| Discourse | =2.4.0-beta8 | |
| Discourse | =2.4.0-beta9 | |
| Discourse | =2.5.0-beta1 | |
| Discourse | =2.5.0-beta2 | |
| Discourse | =2.5.0-beta3 | |
| Discourse | =2.5.0-beta4 | |
| Discourse | =2.5.0-beta5 | |
| Discourse | =2.5.0-beta6 | |
| Discourse | =2.5.0-beta7 | |
| Discourse | =2.6.0-beta1 | |
| Discourse | =2.6.0-beta2 | |
| Discourse | =2.6.0-beta3 | |
| Discourse | =2.6.0-beta4 | |
| Discourse | =2.6.0-beta5 | |
| Discourse | =2.6.0-beta6 | |
| Discourse | =2.7.0-beta1 | |
| Discourse | =2.7.0-beta2 | |
| Discourse | =2.7.0-beta3 | |
| Discourse | =2.7.0-beta4 | |
| Discourse | =2.7.0-beta5 | |
| Discourse | =2.7.0-beta6 | |
| Discourse | =2.7.0-beta7 | |
| Discourse | =2.7.0-beta8 | |
| Discourse | =2.7.0-beta9 | |
| Discourse | =2.8.0-beta1 | |
| Discourse | =2.8.0-beta10 | |
| Discourse | =2.8.0-beta11 | |
| Discourse | =2.8.0-beta2 | |
| Discourse | =2.8.0-beta3 | |
| Discourse | =2.8.0-beta4 | |
| Discourse | =2.8.0-beta5 | |
| Discourse | =2.8.0-beta6 | |
| Discourse | =2.8.0-beta7 | |
| Discourse | =2.8.0-beta8 | |
| Discourse | =2.8.0-beta9 | |
| Discourse | =2.9.0-beta1 | |
| Discourse | =2.9.0-beta10 | |
| Discourse | =2.9.0-beta11 | |
| Discourse | =2.9.0-beta12 | |
| Discourse | =2.9.0-beta13 | |
| Discourse | =2.9.0-beta14 | |
| Discourse | =2.9.0-beta2 | |
| Discourse | =2.9.0-beta3 | |
| Discourse | =2.9.0-beta4 | |
| Discourse | =2.9.0-beta5 | |
| Discourse | =2.9.0-beta6 | |
| Discourse | =2.9.0-beta7 | |
| Discourse | =2.9.0-beta8 | |
| Discourse | =2.9.0-beta9 | |
| Discourse | =3.0.0-beta15 | |
| Discourse | =3.0.0-beta16 | |
| Discourse | =3.1.0-beta1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-23935?
The severity of CVE-2023-23935 has not been explicitly classified, but it affects versions of Discourse prior to 3.1.0.beta2, potentially leading to user confusion regarding private message counts.
How do I fix CVE-2023-23935?
To fix CVE-2023-23935, update your Discourse implementation to version 3.1.0.beta3 or later.
What versions are affected by CVE-2023-23935?
CVE-2023-23935 affects Discourse versions 3.0.1 and prior on the stable branch, and 3.1.0.beta2 and prior on the beta and tests-passed branches.
What type of vulnerability is CVE-2023-23935?
CVE-2023-23935 is classified as an information disclosure vulnerability involving the misleading count of personal messages.
Is there a workaround for CVE-2023-23935?
There are no known workarounds for CVE-2023-23935; updating to the latest version is the recommended course of action.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/remedy
- agent/severity
- agent/title
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/discourse
- canonical/discourse
- version/discourse/1.1.0-beta1
- version/discourse/1.1.0-beta2
- version/discourse/1.1.0-beta3
- version/discourse/1.1.0-beta4
- version/discourse/1.1.0-beta5
- version/discourse/1.1.0-beta6
- version/discourse/1.1.0-beta6b
- version/discourse/1.1.0-beta7
- version/discourse/1.1.0-beta8
- version/discourse/1.2.0-beta1
- version/discourse/1.2.0-beta2
- version/discourse/1.2.0-beta3
- version/discourse/1.2.0-beta4
- version/discourse/1.2.0-beta5
- version/discourse/1.2.0-beta6
- version/discourse/1.2.0-beta7
- version/discourse/1.2.0-beta8
- version/discourse/1.2.0-beta9
- version/discourse/1.3.0-beta1
- version/discourse/1.3.0-beta10
- version/discourse/1.3.0-beta11
- version/discourse/1.3.0-beta2
- version/discourse/1.3.0-beta3
- version/discourse/1.3.0-beta4
- version/discourse/1.3.0-beta5
- version/discourse/1.3.0-beta6
- version/discourse/1.3.0-beta7
- version/discourse/1.3.0-beta8
- version/discourse/1.3.0-beta9
- version/discourse/1.4.0-beta1
- version/discourse/1.4.0-beta10
- version/discourse/1.4.0-beta11
- version/discourse/1.4.0-beta12
- version/discourse/1.4.0-beta2
- version/discourse/1.4.0-beta3
- version/discourse/1.4.0-beta4
- version/discourse/1.4.0-beta5
- version/discourse/1.4.0-beta6
- version/discourse/1.4.0-beta7
- version/discourse/1.4.0-beta8
- version/discourse/1.4.0-beta9
- version/discourse/1.5.0-beta1
- version/discourse/1.5.0-beta10
- version/discourse/1.5.0-beta11
- version/discourse/1.5.0-beta12
- version/discourse/1.5.0-beta13
- version/discourse/1.5.0-beta13b
- version/discourse/1.5.0-beta14
- version/discourse/1.5.0-beta2
- version/discourse/1.5.0-beta3
- version/discourse/1.5.0-beta4
- version/discourse/1.5.0-beta5
- version/discourse/1.5.0-beta6
- version/discourse/1.5.0-beta7
- version/discourse/1.5.0-beta8
- version/discourse/1.5.0-beta9
- version/discourse/1.6.0-beta1
- version/discourse/1.6.0-beta10
- version/discourse/1.6.0-beta11
- version/discourse/1.6.0-beta12
- version/discourse/1.6.0-beta2
- version/discourse/1.6.0-beta3
- version/discourse/1.6.0-beta4
- version/discourse/1.6.0-beta5
- version/discourse/1.6.0-beta6
- version/discourse/1.6.0-beta7
- version/discourse/1.6.0-beta8
- version/discourse/1.6.0-beta9
- version/discourse/1.7.0-beta1
- version/discourse/1.7.0-beta10
- version/discourse/1.7.0-beta11
- version/discourse/1.7.0-beta2
- version/discourse/1.7.0-beta3
- version/discourse/1.7.0-beta4
- version/discourse/1.7.0-beta5
- version/discourse/1.7.0-beta6
- version/discourse/1.7.0-beta7
- version/discourse/1.7.0-beta8
- version/discourse/1.7.0-beta9
- version/discourse/1.8.0-beta1
- version/discourse/1.8.0-beta10
- version/discourse/1.8.0-beta11
- version/discourse/1.8.0-beta12
- version/discourse/1.8.0-beta13
- version/discourse/1.8.0-beta2
- version/discourse/1.8.0-beta3
- version/discourse/1.8.0-beta4
- version/discourse/1.8.0-beta5
- version/discourse/1.8.0-beta6
- version/discourse/1.8.0-beta7
- version/discourse/1.8.0-beta8
- version/discourse/1.8.0-beta9
- version/discourse/1.9.0-beta1
- version/discourse/1.9.0-beta10
- version/discourse/1.9.0-beta11
- version/discourse/1.9.0-beta12
- version/discourse/1.9.0-beta13
- version/discourse/1.9.0-beta14
- version/discourse/1.9.0-beta15
- version/discourse/1.9.0-beta16
- version/discourse/1.9.0-beta17
- version/discourse/1.9.0-beta2
- version/discourse/1.9.0-beta3
- version/discourse/1.9.0-beta4
- version/discourse/1.9.0-beta5
- version/discourse/1.9.0-beta6
- version/discourse/1.9.0-beta7
- version/discourse/1.9.0-beta8
- version/discourse/1.9.0-beta9
- version/discourse/2.0.0-beta1
- version/discourse/2.0.0-beta10
- version/discourse/2.0.0-beta2
- version/discourse/2.0.0-beta3
- version/discourse/2.0.0-beta4
- version/discourse/2.0.0-beta5
- version/discourse/2.0.0-beta6
- version/discourse/2.0.0-beta7
- version/discourse/2.0.0-beta8
- version/discourse/2.0.0-beta9
- version/discourse/2.1.0-beta1
- version/discourse/2.1.0-beta2
- version/discourse/2.1.0-beta3
- version/discourse/2.1.0-beta4
- version/discourse/2.1.0-beta5
- version/discourse/2.1.0-beta6
- version/discourse/2.2.0-beta1
- version/discourse/2.2.0-beta10
- version/discourse/2.2.0-beta2
- version/discourse/2.2.0-beta3
- version/discourse/2.2.0-beta4
- version/discourse/2.2.0-beta5
- version/discourse/2.2.0-beta6
- version/discourse/2.2.0-beta7
- version/discourse/2.2.0-beta8
- version/discourse/2.2.0-beta9
- version/discourse/2.3.0-beta1
- version/discourse/2.3.0-beta10
- version/discourse/2.3.0-beta11
- version/discourse/2.3.0-beta2
- version/discourse/2.3.0-beta3
- version/discourse/2.3.0-beta4
- version/discourse/2.3.0-beta5
- version/discourse/2.3.0-beta6
- version/discourse/2.3.0-beta7
- version/discourse/2.3.0-beta8
- version/discourse/2.3.0-beta9
- version/discourse/2.4.0-beta1
- version/discourse/2.4.0-beta10
- version/discourse/2.4.0-beta11
- version/discourse/2.4.0-beta2
- version/discourse/2.4.0-beta3
- version/discourse/2.4.0-beta4
- version/discourse/2.4.0-beta5
- version/discourse/2.4.0-beta6
- version/discourse/2.4.0-beta7
- version/discourse/2.4.0-beta8
- version/discourse/2.4.0-beta9
- version/discourse/2.5.0-beta1
- version/discourse/2.5.0-beta2
- version/discourse/2.5.0-beta3
- version/discourse/2.5.0-beta4
- version/discourse/2.5.0-beta5
- version/discourse/2.5.0-beta6
- version/discourse/2.5.0-beta7
- version/discourse/2.6.0-beta1
- version/discourse/2.6.0-beta2
- version/discourse/2.6.0-beta3
- version/discourse/2.6.0-beta4
- version/discourse/2.6.0-beta5
- version/discourse/2.6.0-beta6
- version/discourse/2.7.0-beta1
- version/discourse/2.7.0-beta2
- version/discourse/2.7.0-beta3
- version/discourse/2.7.0-beta4
- version/discourse/2.7.0-beta5
- version/discourse/2.7.0-beta6
- version/discourse/2.7.0-beta7
- version/discourse/2.7.0-beta8
- version/discourse/2.7.0-beta9
- version/discourse/2.8.0-beta1
- version/discourse/2.8.0-beta10
- version/discourse/2.8.0-beta11
- version/discourse/2.8.0-beta2
- version/discourse/2.8.0-beta3
- version/discourse/2.8.0-beta4
- version/discourse/2.8.0-beta5
- version/discourse/2.8.0-beta6
- version/discourse/2.8.0-beta7
- version/discourse/2.8.0-beta8
- version/discourse/2.8.0-beta9
- version/discourse/2.9.0-beta1
- version/discourse/2.9.0-beta10
- version/discourse/2.9.0-beta11
- version/discourse/2.9.0-beta12
- version/discourse/2.9.0-beta13
- version/discourse/2.9.0-beta14
- version/discourse/2.9.0-beta2
- version/discourse/2.9.0-beta3
- version/discourse/2.9.0-beta4
- version/discourse/2.9.0-beta5
- version/discourse/2.9.0-beta6
- version/discourse/2.9.0-beta7
- version/discourse/2.9.0-beta8
- version/discourse/2.9.0-beta9
- version/discourse/3.0.0-beta15
- version/discourse/3.0.0-beta16
- version/discourse/3.1.0-beta1