https://db.gcve.eu/sightings/feed 2026-05-05T21:42:50.850959+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/ec6bab5e-025d-4601-8ac4-e60b615a2294/export 2026-05-05T21:42:51.294615+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "ec6bab5e-025d-4601-8ac4-e60b615a2294", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25169", "type": "seen", "source": "https://t.me/cibsecurity/59497", "content": "\u203c CVE-2023-25169 \u203c\n\ndiscourse-yearly-review is a discourse plugin which publishes an automated Year in Review topic. In affected versions a user present in a yearly review topic that is then anonymised will still have some data linked to its original account. This issue has been patched in commit `b3ab33bbf7` which is included in the latest version of the Discourse Yearly Review plugin. Users are advised to upgrade. Users unable to upgrade may disable the `yearly_review_enabled` setting to fully mitigate the issue. Also, it's possible to edit the anonymised user's old data in the yearly review topics manually.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-06T20:12:55.000000Z"} 2023-03-06T20:12:55+00:00