Vendor CVEs
Discourse (software)
All CVEs
284 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-27100 | | | 0.00 | — | 0.01 | | Mar 15, 2024 | Discourse is an open source platform for community discussion. In affected versions the endpoints for suspending users, silencing users and exporting CSV files weren't enforcing limits on the sizes of the parameters that they accept. This could lead to excessive resource… |
| CVE-2024-28242 | | | 0.00 | — | 0.00 | | Mar 15, 2024 | Discourse is an open source platform for community discussion. In affected versions an attacker can learn that secret categories exist when they have backgrounds set. The issue is patched in the latest stable, beta and tests-passed version of Discourse. Users are advised to… |
| CVE-2024-24748 | | | 0.00 | — | 0.00 | | Mar 15, 2024 | Discourse is an open source platform for community discussion. In affected versions an attacker can learn that a secret subcategory exists under a public category which has no public subcategories. The issue is patched in the latest stable, beta and tests-passed version of… |
| CVE-2024-24827 | | | 0.00 | — | 0.01 | | Mar 15, 2024 | Discourse is an open source platform for community discussion. The lack of a rate limit on the POST /uploads endpoint makes it easier for an attacker to carry out a DoS attack on the server, since creating an upload can be a resource intensive process. Do note that the impact… |
| CVE-2024-24817 | | | 0.00 | — | 0.00 | | Feb 22, 2024 | Discourse Calendar adds the ability to create a dynamic calendar in the first post of a topic on the open-source discussion platform Discourse. Prior to version 0.4, event invitees created in topics in private categories or PMs (private messages) can be retrieved by anyone, even… |
| CVE-2024-23654 | | | 0.00 | — | 0.00 | | Feb 21, 2024 | discourse-ai is the AI plugin for the open-source discussion platform Discourse. Prior to commit 94ba0dadc2cf38e8f81c3936974c167219878edd, interactions with different AI services are vulnerable to admin-initiated SSRF attacks. Versions of the plugin that include commit… |
| CVE-2024-26145 | | | 0.00 | — | 0.00 | | Feb 21, 2024 | Discourse Calendar adds the ability to create a dynamic calendar in the first post of a topic on Discourse. Uninvited users are able to gain access to private events by crafting a request to update their attendance. This problem is resolved in commit… |
| CVE-2023-46241 | | | 0.00 | — | 0.01 | | Feb 21, 2024 | `discourse-microsoft-auth` is a plugin that enables authentication via Microsoft. On sites with the `discourse-microsoft-auth` plugin enabled, an attacker can potentially take control of a victim's Discourse account. Sites that have configured their application's account type to… |
| CVE-2024-24755 | | | 0.00 | — | 0.00 | | Feb 1, 2024 | discourse-group-membership-ip-block is a Discourse plugin that adds support for adding users to groups based on their IP address. discourse-group-membership-ip-block was sending all group custom fields to the client, including group custom fields from other plugins which may… |
| CVE-2024-23834 | | | 0.00 | — | 0.00 | | Jan 30, 2024 | Discourse is an open-source discussion platform. Improperly sanitized user input could lead to an XSS vulnerability in some situations. This vulnerability only affects Discourse instances which have disabled the default Content Security Policy. The vulnerability is patched in… |
| CVE-2023-49099 | | | 0.00 | — | 0.00 | | Jan 12, 2024 | Discourse is a platform for community discussion. Under very specific circumstances, secure upload URLs associated with posts can be accessed by guest users even when login is required. This vulnerability has been patched in 3.2.0.beta4 and 3.1.4. |
| CVE-2024-21655 | | | 0.00 | — | 0.01 | | Jan 12, 2024 | Discourse is a platform for community discussion. For fields that are client editable, limits on sizes are not imposed. This allows a malicious actor to cause a Discourse instance to use excessive disk space and also often excessive bandwidth. The issue is patched in 3.1.4 and… |
| CVE-2023-49098 | | | 0.00 | — | 0.00 | | Jan 12, 2024 | Discourse-reactions is a plugin that allows users to add their reactions to a post. Data about a user's reaction notifications could be exposed. This vulnerability was patched in commit 2c26939. |
| CVE-2023-48297 | | | 0.00 | — | 0.01 | | Jan 12, 2024 | Discourse is a platform for community discussion. The message serializer uses the full list of expanded chat mentions (@all and @here), which can lead to a very long array of users. This issue was patched in versions 3.1.4 and beta 3.2.0.beta5. |
| CVE-2023-47121 | | | 0.00 | — | 0.01 | | Nov 10, 2023 | Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, the embedding feature is susceptible to server side request forgery. The issue is patched in version… |
| CVE-2023-47120 | | | 0.00 | — | 0.01 | | Nov 10, 2023 | Discourse is an open source platform for community discussion. In versions 3.1.0 through 3.1.2 of the `stable` branch and versions 3.1.0.beta6 through 3.2.0.beta2 of the `beta` and `tests-passed` branches, Redis memory can be depleted by crafting a site with an abnormally long… |
| CVE-2023-47119 | | | 0.00 | — | 0.01 | | Nov 10, 2023 | Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, some links can inject arbitrary HTML tags when rendered through our Onebox engine. The issue is patched… |
| CVE-2023-46130 | | | 0.00 | — | 0.01 | | Nov 10, 2023 | Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, some theme components allow users to add SVGs with unlimited `height` attributes, and this can affect… |
| CVE-2023-45816 | | | 0.00 | — | 0.00 | | Nov 10, 2023 | Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, there is an edge case where a bookmark reminder is sent and an unread notification is generated, but… |
| CVE-2023-45806 | | | 0.00 | — | 0.01 | | Nov 10, 2023 | Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, if a user has been quoted and uses a `\|` in their full name, they might be able to trigger a bug that… |
| CVE-2023-43658 | | | 0.00 | — | 0.01 | | Oct 16, 2023 | discourse-calendar is a plugin for the Discourse messaging platform which adds the ability to create a dynamic calendar in the first post of a topic. Improper escaping of event titles could lead to Cross-site Scripting (XSS) within the 'email preview' UI when a site has CSP… |
| CVE-2023-44391 | | | 0.00 | — | 0.00 | | Oct 16, 2023 | Discourse is an open source platform for community discussion. User summaries are accessible to anonymous users even when `hide_user_profiles_from_public` is enabled. This problem has been patched in the 3.1.1 stable and 3.2.0.beta2 versions of Discourse. Users are advised to… |
| CVE-2023-44388 | | | 0.00 | — | 0.01 | | Oct 16, 2023 | Discourse is an open source platform for community discussion. A malicious request can cause production log files to quickly fill up and thus result in the server running out of disk space. This problem has been patched in the 3.1.1 stable and 3.2.0.beta2 versions of Discourse.… |
| CVE-2023-43814 | | | 0.00 | — | 0.00 | | Oct 16, 2023 | Discourse is an open source platform for community discussion. Attackers with details specific to a poll in a topic can use the `/polls/grouped_poll_results` endpoint to view the content of options in the poll and the number of votes for groups of poll participants. This impacts… |
| CVE-2023-43659 | | | 0.00 | — | 0.00 | | Oct 16, 2023 | Discourse is an open source platform for community discussion. Improper escaping of user input allowed for Cross-site Scripting attacks via the digest email preview UI. This issue only affects sites with CSP disabled. This issue has been patched in the 3.1.1 stable release as… |
| CVE-2023-45147 | | | 0.00 | — | 0.00 | | Oct 16, 2023 | Discourse is an open source community platform. In affected versions any user can create a topic and add arbitrary custom fields to a topic. The severity of this vulnerability depends on what plugins are installed and how the plugins use topic custom fields. For a default… |
| CVE-2023-44384 | | | 0.00 | — | 0.00 | | Oct 6, 2023 | Discourse-jira is a Discourse plugin that allows Jira projects, issue types, fields and field options to be synced automatically. An administrator user can make an SSRF attack by setting the Jira URL to an arbitrary location and enabling the `discourse_jira_verbose_log` site… |
| CVE-2023-43657 | | | 0.00 | — | 0.00 | | Sep 28, 2023 | discourse-encrypt is a plugin that provides a secure communication channel through Discourse. Improper escaping of encrypted topic titles could lead to a cross site scripting (XSS) issue when a site has content security policy (CSP) headers disabled. Having CSP disabled is a… |
| CVE-2023-41043 | | | 0.00 | — | 0.01 | | Sep 15, 2023 | Discourse is an open-source discussion platform. Prior to version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches, a malicious admin could create extremely large icon sprites, which would then be cached in each server process. This… |
| CVE-2023-41042 | | | 0.00 | — | 0.01 | | Sep 15, 2023 | Discourse is an open-source discussion platform. Prior to version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches, importing a remote theme loads its assets into memory without enforcing limits for file size or number of files.… |
| CVE-2023-40588 | | | 0.00 | — | 0.01 | | Sep 15, 2023 | Discourse is an open-source discussion platform. Prior to version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches, a malicious user could add a 2FA or security key with a carefully crafted name to their account and cause a denial of… |
| CVE-2023-38706 | | | 0.00 | — | 0.01 | | Sep 15, 2023 | Discourse is an open-source discussion platform. Prior to version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches, a malicious user can create an unlimited number of drafts with very long draft keys which may end up exhausting the… |
| CVE-2023-38685 | | | 0.00 | — | 0.00 | | Jul 28, 2023 | Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, information about restricted-visibility topic tags could be obtained by unauthorized users. The issue is patched in… |
| CVE-2023-38684 | | | 0.00 | — | 0.01 | | Jul 28, 2023 | Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, in multiple controller actions, Discourse accepts limit params but does not impose any upper bound on the values… |
| CVE-2023-38498 | | | 0.00 | — | 0.01 | | Jul 28, 2023 | Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, a malicious user can prevent the defer queue from proceeding promptly on sites hosted in the same multisite… |
| CVE-2023-37906 | | | 0.00 | — | 0.00 | | Jul 28, 2023 | Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, a malicious user can edit a post in a topic and cause a DoS with a carefully crafted edit reason. The issue is… |
| CVE-2023-37904 | | | 0.00 | — | 0.00 | | Jul 28, 2023 | Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, more users than permitted could be created from invite links. The issue is patched in version 3.0.6 of the `stable`… |
| CVE-2023-37467 | | | 0.00 | — | 0.00 | | Jul 28, 2023 | Discourse is an open source discussion platform. Prior to version 3.1.0.beta7 of the `beta` and `tests-passed` branches, a CSP (Content Security Policy) nonce reuse vulnerability was discovered that could allow cross-site scripting (XSS) attacks to bypass CSP protection for anonymous… |
| CVE-2023-36818 | | | 0.00 | — | 0.01 | | Jul 14, 2023 | Discourse is an open source discussion platform. In affected versions a request to create or update a custom sidebar section can cause a denial of service. This issue has been patched in commit `52b003d915`. Users are advised to upgrade. There are no known workarounds for this… |
| CVE-2023-36466 | | | 0.00 | — | 0.00 | | Jul 14, 2023 | Discourse is an open source discussion platform. When editing a topic, there is a vulnerability that enables a user to bypass the topic title validations for things like title length, number of emojis in the title and blank topic titles. The issue is patched in the latest stable,… |
| CVE-2023-36473 | | | 0.00 | — | 0.00 | | Jul 13, 2023 | Discourse is an open source discussion platform. A CSP (Content Security Policy) nonce reuse vulnerability could allow XSS attacks to bypass CSP protection. There are no known XSS vectors at the moment, but should one be discovered, this vulnerability would allow the XSS attack… |
| CVE-2023-34250 | | | 0.00 | — | 0.00 | | Jun 13, 2023 | Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches, an attacker could use the new topics dismissal endpoint to reveal the number of topics recently created (but not the… |
| CVE-2023-32301 | | | 0.00 | — | 0.00 | | Jun 13, 2023 | Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches, multiple duplicate topics could be created if topic embedding is enabled. This issue is patched in version 3.0.4 of… |
| CVE-2023-32061 | | | 0.00 | — | 0.00 | | Jun 13, 2023 | Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches, the lack of restrictions on the iFrame tag makes it easy for an attacker to exploit the vulnerability and hide… |
| CVE-2023-31142 | | | 0.00 | — | 0.00 | | Jun 13, 2023 | Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches, if a site has modified its general category permissions, they could be set back to the default. This issue is… |
| CVE-2023-30611 | | | 0.00 | — | 0.00 | | Apr 19, 2023 | Discourse-reactions is a plugin that allows users to add their reactions to a post in the Discourse messaging platform. In affected versions data about what reactions were performed on a post in a private topic could be leaked. This issue has been addressed in version 0.3.… |
| CVE-2023-30606 | | | 0.00 | — | 0.00 | | Apr 18, 2023 | Discourse is an open source platform for community discussion. In affected versions a user logged in as an administrator can call arbitrary methods on the `SiteSetting` class, notably `#clear_cache!` and `#notify_changed!`, which when done on a multisite instance can affect the… |
| CVE-2023-30538 | | | 0.00 | — | 0.00 | | Apr 18, 2023 | Discourse is an open source platform for community discussion. Due to the improper sanitization of SVG files, an attacker can execute arbitrary JavaScript in users' browsers by uploading a crafted SVG file. This issue is patched in the latest stable and tests-passed… |
| CVE-2023-29196 | | | 0.00 | — | 0.00 | | Apr 18, 2023 | Discourse is an open source platform for community discussion. This vulnerability is not exploitable on the default install of Discourse. A custom feature must be enabled for it to work at all, and the attacker's payload must pass the CSP to be executed. However, if an… |
| CVE-2023-28440 | | | 0.00 | — | 0.01 | | Apr 18, 2023 | Discourse is an open source platform for community discussion. In affected versions a maliciously crafted request from a Discourse administrator can lead to a long-running request and eventual timeout. This has the greatest potential impact in shared hosting environments where… |
Page 4 of 6