How severe is CVE-2025-46813?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2025-46813?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2025-46813 - MEDIUM Severity | CVSS 5.8

Vulnerability Description

Discourse is an open-source community platform. A data leak vulnerability affects sites deployed between commits 10df7fdee060d44accdee7679d66d778d1136510 and 82d84af6b0efbd9fa2aeec3e91ce7be1a768511b. On login-required sites, the leak meant that some content on the site's homepage could be visible to unauthenticated users. Only login-required sites that got deployed during this timeframe are affected, roughly between April 30 2025 noon EDT and May 2 2025, noon EDT. Sites on the stable branch are unaffected. Private content on an instance's homepage could be visible to unauthenticated users on login-required sites. Versions of 3.5.0.beta4 after commit 82d84af6b0efbd9fa2aeec3e91ce7be1a768511b are not vulnerable to the issue. No workarounds are available. Sites must upgrade to a non-vulnerable version of Discourse.

Related Vulnerabilities

CVE-2016-1321

MEDIUM

CVSS:5.8(Medium)

Cisco Universal Small Cell devices with firmware R2.12 through R3.5 contain an image-decryption key in flash memory, which allows remote attackers to bypass a certain certificate-validation feature an...

CWE-2002016

CVE-2017-0168

MEDIUM

CVSS:5.8(Medium)

An information disclosure vulnerability exists when the Windows Hyper-V Network Switch running on a Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 201...

CWE-2002017

CVE-2017-3255

MEDIUM

CVSS:5.8(Medium)

Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: ADF Faces). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1....

CWE-2002017

CVE-2018-1612

MEDIUM

CVSS:5.8(Medium)

IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2, and 7.3) could allow a remote attacker to bypass authentication and obtain sensitive information. IBM X-Force ID: 144164.

CWE-2002018

CVE-2018-5477

MEDIUM

CVSS:5.8(Medium)

An Information Exposure issue was discovered in ABB netCADOPS Web Application Version 3.4 and prior, netCADOPS Web Application Version 7.1 and prior, netCADOPS Web Application Version 7.2x and prior, ...

CWE-2002018

CVE-2019-0048

MEDIUM

CVSS:5.8(Medium)

On EX4300 Series switches with TCAM optimization enabled, incoming multicast traffic matches an implicit loopback filter rule first, since it has high priority. This rule is meant for reserved multica...

CWE-2002019