VYPR

Vendor CVEs

Discourse (software)

All CVEs

284 total · sorted by risk
  • CVE-2024-54142 · Critical · Jan 14, 2025
    risk 0.52 · cvss 9.0 · epss 0.00

    Discourse AI is a Discourse plugin which provides a number of AI features. When sharing Discourse AI Bot conversations into posts, if the conversation had HTML entities those could leak into the Discourse application when a user visited a post with a onebox to said conversation.…

  • CVE-2026-44786 · High · Jun 12, 2026
    risk 0.42 · cvss 7.5 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, chat events for public category channels are published to MessageBus without permission scoping, so any…

  • CVE-2026-45775 · Medium · Jun 12, 2026
    risk 0.37 · cvss 6.8 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, a path traversal vulnerability in Discourse backup handling could allow an authenticated administrator…

  • CVE-2026-44784 · Medium · Jun 12, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, group owners who are not necessarily admins or moderators can view a group's outgoing email/SMTP…

  • CVE-2026-33300 · Medium · Mar 31, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authorization bypass in the Category Chatables Controller show action allowed moderators to get…

  • CVE-2026-32143 · Medium · Mar 31, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, moderators could export CSV data for admin-restricted reports, bypassing the report visibility…

  • CVE-2024-43408 · Medium · Aug 20, 2024
    risk 0.34 · cvss 6.3 · epss 0.00

    Discourse Placeholder Forms will let you build dynamic documentation. Unsanitized and stored user input was injected in the html of the post. The vulnerability is fixed in commit a62f711d5600e4e5d86f342d52932cb6221672e7.

  • CVE-2026-32113 · Medium · Mar 31, 2026
    risk 0.33 · cvss 6.1 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, the enter action in StaticController reads the sso_destination_url cookie and redirects to it with…

  • CVE-2026-44783 · Medium · Jun 12, 2026
    risk 0.28 · cvss 5.4 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, a flaw in how replies to whisper posts are handled allows authenticated users outside the groups…

  • CVE-2026-32615 · Medium · Mar 31, 2026
    risk 0.28 · cvss 5.4 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, category group moderators could perform privileged actions on topics inside private categories they did…

  • CVE-2026-32607 · Medium · Mar 31, 2026
    risk 0.28 · cvss 5.4 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, when the hidden prioritize_full_name_in_ux site setting is enabled (defaults to false, requires console…

  • CVE-2026-32273 · Medium · Mar 31, 2026
    risk 0.28 · cvss 5.4 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, updating a category description via API is not sanitizing the description string, which can lead to XSS…

  • CVE-2026-32243 · Medium · Mar 31, 2026
    risk 0.28 · cvss 5.4 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an attacker with the ability to create shared AI conversations could inject arbitrary HTML and…

  • CVE-2025-11983 · Medium · Nov 1, 2025
    risk 0.28 · cvss 4.3 · epss 0.00

    The WP Discourse plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.5.9. This is due to the plugin unconditionally sending Discourse API credentials (Api-Key and Api-Username headers) to any host specified in a post's…

  • CVE-2026-47264 · Medium · Jun 12, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, DetailedTagSerializer#tag_group_names returned every tag group a tag belonged to without filtering…

  • CVE-2026-45085 · Medium · Jun 12, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, four authorization/disclosure issues in the chat plugin (one also involving discourse-calendar):…

  • CVE-2026-34154 · Medium · May 19, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, a vulnerability in the discourse-subscriptions plugin allows users to gain access to subscription-gated groups without completing payment. This issue has…

  • CVE-2026-32244 · Medium · May 19, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, outdated cached AI summaries can leak removed content to anonymous and unprivileged users who cannot regenerate summaries. This issue has been fixed in…

  • CVE-2026-34947 · Medium · Apr 3, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, staged user custom fields and username are exposed on public invite pages without email verification.…

  • CVE-2026-27481 · Medium · Apr 3, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authorization bypass vulnerability allows unauthenticated or unauthorized users to view hidden…

  • CVE-2026-33074 · Medium · Mar 31, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, a user may be able to purchase a lower tier subscription but grant themselves the benefits that come…

  • CVE-2026-33073 · Medium · Mar 31, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, the discourse-subscriptions plugin leaks stripe API keys across sites in a multisite cluster resulting…

  • CVE-2026-33185 · Medium · Mar 31, 2026
    risk 0.26 · cvss 5.0 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, the group email settings test endpoint could be used to make the server initiate outbound connections to…

  • CVE-2026-47263 · Medium · Jun 12, 2026
    risk 0.21 · cvss 4.3 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, the MessageBus.publish call for /web_hook_events/ in Jobs::RedeliverWebHookEvents did not pass…

  • CVE-2026-44785 · Medium · Jun 12, 2026
    risk 0.21 · cvss 4.3 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, the AI "explain" helper only checks can_see? on the post being explained, not its reply_to_post, so any…

  • CVE-2026-44782 · Medium · Jun 12, 2026
    risk 0.21 · cvss 4.3 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, GroupPostSerializer declared include_user_long_name? as the predicate for its :name attribute, but AMS…

  • CVE-2026-44780 · Medium · Jun 12, 2026
    risk 0.21 · cvss 4.3 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, ReviewableQueuedPostSerializer unconditionally included payload["raw_email"] for posts that arrived via…

  • CVE-2026-44779 · Medium · Jun 12, 2026
    risk 0.21 · cvss 4.3 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, bot debug endpoints disclose whisper translation audit logs. This issue has been patched in versions…

  • CVE-2026-33514 · Medium · May 19, 2026
    risk 0.21 · cvss 4.3 · epss 0.00

    Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, an authenticated user on a Discourse instance with the form templates feature enabled can read the name and structured content of form templates that are…

  • CVE-2026-32951 · Medium · Mar 31, 2026
    risk 0.21 · cvss 4.3 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authenticated user can obtain shared draft topic titles by sending an inline onebox request with a…

  • CVE-2026-32620 · Medium · Mar 31, 2026
    risk 0.21 · cvss 4.3 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, non-staff users could access read receipt information for staff-only posts they weren't supposed to see.…

  • CVE-2026-32619 · Medium · Mar 31, 2026
    risk 0.21 · cvss 4.3 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, users who lost access to a topic (e.g., removed from a private category group) could still interact with…

  • CVE-2026-32618 · Medium · Mar 31, 2026
    risk 0.21 · cvss 4.3 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, there is possible channel membership inference from chat user search without authorization. This issue…

  • CVE-2024-35168 · Medium · Jun 11, 2024
    risk 0.21 · cvss 4.3 · epss 0.00

    Missing Authorization vulnerability in Discourse WP Discourse. This issue affects WP Discourse: from n/a through 2.5.1.

  • CVE-2024-31219 · Medium · Apr 15, 2024
    risk 0.21 · cvss 4.3 · epss 0.00

    Discourse-reactions is a plugin that allows users to add their reactions to a post. When whispers are enabled on a site via `whispers_allowed_groups` and reactions are made on whispers on public topics, the contents of the whisper and the reaction data are shown on the…

  • CVE-2025-47288 · Low · May 29, 2025
    risk 0.16 · cvss 3.5 · epss 0.00

    Discourse Policy plugin gives the ability to confirm users have seen or done something. Prior to version 0.1.1, if there was a policy posted to a public topic that was tied to a private group then the group members could be shown to non-group members. This issue has been patched…

  • CVE-2025-46824 · Low · May 7, 2025
    risk 0.13 · cvss 3.1 · epss 0.00

    The Discourse Code Review Plugin allows users to review GitHub commits on Discourse. Prior to commit eed3a80, an attacker can execute arbitrary JavaScript on users' browsers by posting links to malicious GitHub commits. This problem is patched in commit eed3a80 of the…

  • CVE-2026-33415 · Low · Mar 31, 2026
    risk 0.11 · cvss 2.7 · epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authenticated moderator-level user could retrieve post content, topic titles, and usernames from…

  • CVE-2024-53991 · Dec 19, 2024
    risk 0.04 · cvss n/a · epss 0.25

    Discourse is an open source platform for community discussion. This vulnerability only impacts Discourse instances configured to use `FileStore::LocalStore` which means uploads and backups are stored locally on disk. If an attacker knows the name of the Discourse backup file,…

  • CVE-2024-47773 · Oct 8, 2024
    risk 0.04 · cvss n/a · epss 0.02

    Discourse is an open source platform for community discussion. An attacker can make several XHR requests until the cache is poisoned with a response without any preloaded data. This issue only affects anonymous visitors of the site. This problem has been patched in the latest…

  • CVE-2023-45131 · Oct 16, 2023
    risk 0.04 · cvss n/a · epss 0.02

    Discourse is an open source platform for community discussion. New chat messages can be read by making an unauthenticated POST request to MessageBus. This issue is patched in the 3.1.1 stable and 3.2.0.beta2 versions of Discourse. Users are advised to upgrade. There are no known…

  • CVE-2021-41163 · Oct 20, 2021
    risk 0.02 · cvss n/a · epss 0.20

    Discourse is an open source platform for community discussion. In affected versions maliciously crafted requests could lead to remote code execution. This resulted from a lack of validation in subscribe_url values. This issue is patched in the latest stable, beta and…

  • CVE-2025-48954 · Jun 25, 2025
    risk 0.01 · cvss n/a · epss 0.01

    Discourse is an open-source discussion platform. Versions prior to 3.5.0.beta6 are vulnerable to cross-site scripting when the content security policy isn't enabled when using social logins. Version 3.5.0.beta6 patches the issue. As a workaround, have the content security policy…

  • CVE-2026-33428 · Mar 20, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, a non-staff user with elevated group membership could access deleted posts belonging to any user due to an overly broad authorization check on the deleted posts index…

  • CVE-2026-33427 · Mar 20, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, an unauthenticated attacker can cause a legitimate Discourse authorization page to display an attacker-controlled domain, facilitating social engineering attacks against…

  • CVE-2026-33426 · Mar 20, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, users with tag-editing permissions could edit and create synonyms for tags hidden in restricted tag groups, even if they lacked visibility into those tags. Versions…

  • CVE-2026-33425 · Mar 20, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, unauthenticated users can determine whether a specific user is a member of a private group by observing changes in directory results when using the `exclude_groups`…

  • CVE-2026-33424 · Mar 20, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, an attacker can grant access to a private message topic through invites even after they lose access to that PM. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2…

  • CVE-2026-33423 · Mar 20, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, staff can modify any user's group notification level. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain a patch. No known workarounds are available.

  • CVE-2026-33422 · Mar 20, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the `ip_address` of a flagged user is exposed to any user who can access the review queue, including users who should not be able to see IP addresses. Versions…

Page 1 of 6