Improper access control in Discourse - CVE-2024-53991
Published: December 19, 2024 / Updated: July 1, 2026
Discourse
Detailed vulnerability description
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to improper access control in nginx backup file handling when processing a well crafted request for a backup file. A remote attacker can send a specially crafted request to disclose sensitive information.
Only instances configured to use FileStore::LocalStore for local storage of uploads and backups are affected, and exploitation requires knowledge of the backup file name.