Posted on

Discourse up to 2.4.0.beta1 user-api OTP weak authentication

A vulnerability classified as critical was found in Discourse up to 2.4.0.beta1. This vulnerability affects an unknown code block of the component user-api OTP. Upgrading to version 2.4.0.beta2 eliminates this vulnerability.