discourse

github-mirror/discourse

Fork 0

mirror of https://github.com/discourse/discourse.git synced 2024-12-03 05:23:45 +08:00

Commit Graph

Author	SHA1	Message	Date
David Taylor	f45853676f	SECURITY: Ensure _forum_session cookies cannot be reused between sites (#14950 ) This only affects multisite Discourse instances (where multiple forums are served from a single application server). The vast majority of self-hosted Discourse forums do not fall into this category. On affected instances, this vulnerability could allow encrypted session cookies to be re-used between sites served by the same application instance.	2021-11-15 15:50:12 +00:00

Author

SHA1

Message

Date

David Taylor

f45853676f

SECURITY: Ensure _forum_session cookies cannot be reused between sites (#14950 )

This only affects multisite Discourse instances (where multiple forums are served from a single application server). The vast majority of self-hosted Discourse forums do not fall into this category.

On affected instances, this vulnerability could allow encrypted session cookies to be re-used between sites served by the same application instance.

2021-11-15 15:50:12 +00:00

1 Commits