Skip to content

Bypass of Poll voting limits

Low
jomaxro published GHSA-jq7h-44vc-h6qx Dec 1, 2021

Package

No package listed

Affected versions

stable <= 2.7.10; beta,tests-passed <= 2.8.0.beta8;

Patched versions

stable >= 2.7.11; beta,tests-passed >= 2.8.0.beta9;

Description

Impact

A vulnerability in the Polls feature allowed users to vote multiple times in a single-option poll

Patches

The problem is patched in the latest tests-passed, beta and stable versions of Discourse

References

1d0faed

Severity

Low

CVE ID

CVE-2021-43793

Weaknesses

No CWEs

Credits