Home > Vulnerability Database > CVE-2024-53994

Mend.io Vulnerability Database

CVE-2024-53994

Date: February 4, 2025

Discourse is an open source platform for community discussion. In affected versions users who disable chat in preferences could still be reachable in some cases. This problem has been patched in the latest version of Discourse. Users are advised to upgrade. Users unable to upgrade should disable the chat plugin within site settings.

Severity Score

4.3

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-53994

Url: https://github.com/discourse/discourse/security/advisories/GHSA-mrpw-gwj7-98r6

Url: https://www.mend.io/vulnerability-database/CVE-2024-53994

Severity Score

4.3

Weakness Type (CWE)

Improper Preservation of Permissions

CWE-281

CVSS v3.1

Base Score:	4.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2024-53994

Date: February 4, 2025

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?