Filtered by vendor Discourse
Subscribe
Total
79 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36057 | 1 Discourse | 1 Discourse-chat | 2022-09-09 | N/A | 4.8 MEDIUM |
| Discourse-Chat is an asynchronous messaging plugin for the Discourse open-source discussion platform. Users of Discourse Chat can be affected by admin users inserting HTML into chat titles and descriptions, causing a Cross-Site Scripting (XSS) attack. Version 0.9 contains a patch for this issue. | |||||
| CVE-2021-41140 | 1 Discourse | 1 Discourse Reactions | 2022-08-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| Discourse-reactions is a plugin for the Discourse platform that allows user to add their reactions to the post. In affected versions reactions given by user to secure topics and private messages are visible. This issue is patched in version 0.2 of discourse-reaction. Users who are unable to update are advised to disable the Discourse-reactions plugin in admin panel. | |||||
| CVE-2022-31184 | 1 Discourse | 1 Discourse | 2022-08-09 | N/A | 7.5 HIGH |
| Discourse is the an open source discussion platform. In affected versions an email activation route can be abused to send mass spam emails. A fix has been included in the latest stable, beta and tests-passed versions of Discourse which rate limits emails. Users are advised to upgrade. Users unable to upgrade should manually rate limit email. | |||||
| CVE-2021-43793 | 1 Discourse | 1 Discourse | 2022-08-09 | 4.0 MEDIUM | 4.3 MEDIUM |
| Discourse is an open source discussion platform. In affected versions a vulnerability in the Polls feature allowed users to vote multiple times in a single-option poll. The problem is patched in the latest tests-passed, beta and stable versions of Discourse | |||||
| CVE-2021-41263 | 1 Discourse | 1 Rails Multisite | 2022-08-09 | 6.0 MEDIUM | 8.8 HIGH |
| rails_multisite provides multi-db support for Rails applications. In affected versions this vulnerability impacts any Rails applications using `rails_multisite` alongside Rails' signed/encrypted cookies. Depending on how the application makes use of these cookies, it may be possible for an attacker to re-use cookies on different 'sites' within a multi-site Rails application. The issue has been patched in v4 of the `rails_multisite` gem. Note that this upgrade will invalidate all previous signed/encrypted cookies. The impact of this invalidation will vary based on the application architecture. | |||||
| CVE-2022-31182 | 1 Discourse | 1 Discourse | 2022-08-08 | N/A | 5.3 MEDIUM |
| Discourse is the an open source discussion platform. In affected versions a maliciously crafted request for static assets could cause error responses to be cached by Discourse's default NGINX proxy configuration. A corrected NGINX configuration is included in the latest stable, beta and tests-passed versions of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2021-43792 | 1 Discourse | 1 Discourse | 2022-07-25 | 3.5 LOW | 4.3 MEDIUM |
| Discourse is an open source discussion platform. In affected versions a vulnerability affects users of tag groups who use the "Tags are visible only to the following groups" feature. A tag group may only allow a certain group (e.g. staff) to view certain tags. Users who were tracking or watching the tags via /preferences/tags, then have their staff status revoked will still see notifications related to the tag, but will not see the tag on each topic. This issue has been patched in stable version 2.7.11. Users are advised to upgrade as soon as possible. | |||||
| CVE-2022-31096 | 1 Discourse | 1 Discourse | 2022-07-07 | 2.1 LOW | 5.7 MEDIUM |
| Discourse is an open source discussion platform. Under certain conditions, a logged in user can redeem an invite with an email that either doesn't match the invite's email or does not adhere to the email domain restriction of an invite link. The impact of this flaw is aggravated when the invite has been configured to add the user that accepts the invite into restricted groups. Once a user has been incorrectly added to a restricted group, the user may then be able to view content which that are restricted to the respective group. Users are advised to upgrade to the current stable releases. There are no known workarounds to this issue. | |||||
| CVE-2022-31095 | 1 Discourse | 1 Discourse-chat | 2022-06-29 | 4.0 MEDIUM | 6.5 MEDIUM |
| discourse-chat is a chat plugin for the Discourse application. Versions prior to 0.4 are vulnerable to an exposure of sensitive information, where an attacker who knows the message ID for a channel they do not have access to can view that message using the chat message lookup endpoint, primarily affecting direct message channels. There are no known workarounds for this issue, and users are advised to update the plugin. | |||||
| CVE-2022-31060 | 1 Discourse | 1 Discourse | 2022-06-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| Discourse is an open-source discussion platform. Prior to version 2.8.4 in the `stable` branch and version `2.9.0.beta5` in the `beta` and `tests-passed` branches, banner topic data is exposed on login-required sites. This issue is patched in version 2.8.4 in the `stable` branch and version `2.9.0.beta5` in the `beta` and `tests-passed` branches of Discourse. As a workaround, one may disable banners. | |||||
| CVE-2022-31059 | 1 Discourse | 1 Discourse Calendar | 2022-06-23 | 2.1 LOW | 5.4 MEDIUM |
| Discourse Calendar is a calendar plugin for Discourse, an open-source messaging app. Prior to version 1.0.1, parsing and rendering of Event names can be susceptible to cross-site scripting (XSS) attacks. This vulnerability only affects sites which have modified or disabled Discourse’s default Content Security Policy. This issue is patched in version 1.0.1 of the Discourse Calendar plugin. As a workaround, ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks. | |||||
| CVE-2022-31025 | 1 Discourse | 1 Discourse | 2022-06-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| Discourse is an open source platform for community discussion. Prior to version 2.8.4 on the `stable` branch and 2.9.0beta5 on the `beta` and `tests-passed` branches, inviting users on sites that use single sign-on could bypass the `must_approve_users` check and invites by staff are always approved automatically. The issue is patched in Discourse version 2.8.4 on the `stable` branch and version `2.9.0.beta5` on the `beta` and `tests-passed` branches. As a workaround, disable invites or increase `min_trust_level_to_allow_invite` to reduce the attack surface to more trusted users. | |||||
| CVE-2022-24866 | 1 Discourse | 1 Assign | 2022-05-06 | 4.0 MEDIUM | 4.3 MEDIUM |
| Discourse Assign is a plugin for assigning users to a topic in Discourse, an open-source messaging platform. Prior to version 1.0.1, the UserBookmarkSerializer serialized the whole User / Group object, which leaked some private information. The data was only being serialized to people who could view assignment info, which is limited to staff by default. For the vast majority of sites, this data was only leaked to trusted staff member, but for sites with assign features enabled publicly, the data was accessible to more people than just staff. Version 1.0.1 contains a patch. There are currently no known workarounds. | |||||
| CVE-2022-24824 | 1 Discourse | 1 Discourse | 2022-04-22 | 5.0 MEDIUM | 5.3 MEDIUM |
| Discourse is an open source platform for community discussion. In affected versions an attacker can poison the cache for anonymous (i.e. not logged in) users, such that the users are shown the crawler view of the site instead of the HTML page. This can lead to a partial denial-of-service. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. There are no known workarounds for this issue. | |||||
| CVE-2022-24850 | 1 Discourse | 1 Discourse | 2022-04-22 | 4.0 MEDIUM | 4.3 MEDIUM |
| Discourse is an open source platform for community discussion. A category's group permissions settings can be viewed by anyone that has access to the category. As a result, a normal user is able to see whether a group has read/write permissions in the category even though the information should only be available to the users that can manage a category. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. There are no workarounds for this problem. | |||||
| CVE-2019-1020018 | 1 Discourse | 1 Discourse | 2022-04-18 | 7.5 HIGH | 7.3 HIGH |
| Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmation screen when logging in via an email link. | |||||
| CVE-2022-24804 | 1 Discourse | 1 Discourse | 2022-04-18 | 5.0 MEDIUM | 5.3 MEDIUM |
| Discourse is an open source platform for community discussion. In stable versions prior to 2.8.3 and beta versions prior 2.9.0.beta4 erroneously expose groups. When a group with restricted visibility has been used to set the permissions of a category, the name of the group is leaked to any user that is able to see the category. To workaround the problem, a site administrator can remove groups with restricted visibility from any category's permissions setting. | |||||
| CVE-2022-24782 | 1 Discourse | 1 Discourse | 2022-04-07 | 4.0 MEDIUM | 4.3 MEDIUM |
| Discourse is an open source discussion platform. Versions 2.8.2 and prior in the `stable` branch, 2.9.0.beta3 and prior in the `beta` branch, and 2.9.0.beta3 and prior in the `tests-passed` branch are vulnerable to a data leak. Users can request an export of their own activity. Sometimes, due to category settings, they may have category membership for a secure category. The name of this secure category is shown to the user in the export. The same thing occurs when the user's post has been moved to a secure category. A patch for this issue is available in the `main` branch of Discourse's GitHub repository and is anticipated to be part of future releases. | |||||
| CVE-2022-23641 | 1 Discourse | 1 Discourse | 2022-02-23 | 4.0 MEDIUM | 6.5 MEDIUM |
| Discourse is an open source discussion platform. In versions prior to 2.8.1 in the `stable` branch, 2.9.0.beta2 in the `beta` branch, and 2.9.0.beta2 in the `tests-passed` branch, users can trigger a Denial of Service attack by posting a streaming URL. Parsing Oneboxes in the background job trigger an infinite loop, which cause memory leaks. This issue is patched in version 2.8.1 of the `stable` branch, 2.9.0.beta2 of the `beta` branch, and 2.9.0.beta2 of the `tests-passed` branch. As a workaround, disable onebox in admin panel completely or specify allow list of domains that will be oneboxed. | |||||
| CVE-2022-21684 | 1 Discourse | 1 Discourse | 2022-01-24 | 6.0 MEDIUM | 8.8 HIGH |
| Discourse is an open source discussion platform. Versions prior to 2.7.13 in `stable`, 2.8.0.beta11 in `beta`, and 2.8.0.beta11 in `tests-passed` allow some users to log in to a community before they should be able to do so. A user invited via email to a forum with `must_approve_users` enabled is going to be automatically logged in, bypassing the check that does not allow unapproved users to sign in. They will be able to do everything an approved user can do. If they logout, they cannot log back in. This issue is patched in the `stable` version 2.7.13, `beta` version 2.8.0.beta11, and `tests-passed` version 2.8.0.beta11. One may disable invites as a workaround. Administrators can increase `min_trust_level_to_allow_invite` to reduce the attack surface to more trusted users. | |||||