Discourse Latest Vulnerabilities
Latest vulnerabilities published by discourse
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
HTML Entity Exposure in Discourse AI Plugin by Discourse
CVE-2024-54142DiscourseDiscourse-ai9.1CRITICALLocal Login Bypass Vulnerability in Discourse Community Platform
CVE-2024-49765DiscourseSevere Vulnerability in Discourse Community Platform Affecting Thumbnail Features
CVE-2024-52794DiscourseLocal File Exposure Vulnerability in Discourse Community Platform
CVE-2024-53991DiscourseEmail Exposure Vulnerability in Discourse Community Platform
CVE-2024-52589DiscourseAnonymous Cache Poisoning Vulnerability in Discourse Affects Only Anonymous Visitors
CVE-2024-47773DiscourseDiscourse8.2HIGHCross-site Scripting (XSS) via chat excerpts when content security policy (CSP) disabled in Discourse
CVE-2024-47772DiscourseDiscourse6.1MEDIUMDiscourse Platform Patches Potential Availability Reduction Vulnerability
CVE-2024-43789DiscourseDiscourseπΎπ‘π°4.3MEDIUMAttackers Can Bypass Domain-Based Restrictions in Discourse Due to Recent Vulnerability
CVE-2024-45051DiscourseDiscourse8.2HIGHDiscourse Patches Security Vulnerability Affecting All Users
CVE-2024-45297DiscourseDiscourse4.3MEDIUM- CVE-2024-45303DiscourseCalendar6.1MEDIUM
Dynamic Calendar Vulnerability Affects Discourse Instances
CVE-2024-21658DiscourseDiscourse-calendar4.3MEDIUMDiscourse Placeholder Forms has a XSS stopped by CSP
CVE-2024-43408DiscourseDiscourse-placeholder-...6.3MEDIUMOpen source discussion platform vulnerability fix
CVE-2024-39320DiscourseDiscourse6.1MEDIUMDiscourse vulnerability affects very long tag group names
CVE-2024-37299DiscourseDiscourse7.5HIGHDiscourse Fixes XSS Vulnerability in 3.2.3 and 3.3.0.beta3
CVE-2024-37165DiscourseDiscourse6.1MEDIUMModerators can reduce availability of Discourse instances by creating long words
CVE-2024-38360DiscourseFastImage Library Vulnerability Affects Discourse Platform
CVE-2024-37157DiscourseDiscourse5.3MEDIUMEmail Addresses of Users Visible to Moderators in Review Queue Prior to Certain Versions
CVE-2024-36122DiscourseDiscourse4.3MEDIUMRogue Staff User Could Suspend Other Staff Users, Patched in Latest Versions
CVE-2024-36113DiscourseDiscourse6.5MEDIUMArbitrary JavaScript Execution Vulnerability Affects Discourse Sites Without CSP
CVE-2024-35234DiscourseDiscourse6.1MEDIUMCarefully crafted malicious URL can reduce Discourse instance availability
CVE-2024-35227DiscourseDiscourse7.5HIGHMissing Authorization Vulnerability Affects WP Discourse from n/a through 2.5.1
CVE-2024-35168DiscourseWP Discourse4.3MEDIUMReactions on Whispers: A New Feature for Public Topics
CVE-2024-31219DiscourseDiscourse-reactions4.3MEDIUMArbitrary Data Injection Vulnerability in Discourse Affects Users
CVE-2024-27085DiscourseDiscourse6.5MEDIUM