Filter

Versions

2.9.0-beta1
47
2.9.0-beta2
47
2.9.0-beta3
47
2.9.0-beta4
44
2.9.0-beta5
43
2.9.0-beta7
43
2.9.0-beta6
42
2.9.0-beta8
41
2.8.0-beta1
37
2.8.0-beta2
37
2.8.0-beta3
37
2.9.0-beta10
36
2.8.0-beta4
35
2.8.0-beta5
33
2.8.0-beta6
33
2.9.0-beta11
33
2.9.0-beta9
33
3.1.0-beta1
33
2.9.0-beta12
32
2.8.0-beta7
31
2.9.0-beta13
30
2.9.0-beta14
29
2.8.0-beta8
28
2.8.0-beta9
28
2.8.0-beta10
27
3.0.0-beta15
27
2.4.0-beta1
25
2.4.0-beta2
25
3.1.0-beta2
25
2.7.0-beta1
24
1.1.0-beta1
23
1.1.0-beta2
23
1.1.0-beta3
23
1.1.0-beta4
23
1.1.0-beta5
23
1.1.0-beta6
23
1.1.0-beta6b
23
1.1.0-beta7
23
1.1.0-beta8
23
1.2.0-beta1
23
1.2.0-beta2
23
1.2.0-beta3
23
1.2.0-beta4
23
1.2.0-beta5
23
1.2.0-beta6
23
1.2.0-beta7
23
1.2.0-beta8
23
1.2.0-beta9
23
1.3.0-beta1
23
1.3.0-beta10
23
1.3.0-beta11
23
1.3.0-beta2
23
1.3.0-beta3
23
1.3.0-beta4
23
1.3.0-beta5
23
1.3.0-beta6
23
1.3.0-beta7
23
1.3.0-beta8
23
1.3.0-beta9
23
1.4.0-beta1
23
1.4.0-beta10
23
1.4.0-beta11
23
1.4.0-beta12
23
1.4.0-beta2
23
1.4.0-beta3
23
1.4.0-beta4
23
1.4.0-beta5
23
1.4.0-beta6
23
1.4.0-beta7
23
1.4.0-beta8
23
1.4.0-beta9
23
1.5.0-beta1
23
1.5.0-beta10
23
1.5.0-beta11
23
1.5.0-beta12
23
1.5.0-beta13
23
1.5.0-beta13b
23
1.5.0-beta14
23
1.5.0-beta2
23
1.5.0-beta3
23
1.5.0-beta4
23
1.5.0-beta5
23
1.5.0-beta6
23
1.5.0-beta7
23
1.5.0-beta8
23
1.5.0-beta9
23
1.6.0-beta1
23
1.6.0-beta10
23
1.6.0-beta11
23
1.6.0-beta12
23
1.6.0-beta2
23
1.6.0-beta3
23
1.6.0-beta4
23
1.6.0-beta5
23
1.6.0-beta6
23
1.6.0-beta7
23
1.6.0-beta8
23
1.6.0-beta9
23
1.7.0-beta1
23
1.7.0-beta10
23
1.7.0-beta11
23
1.7.0-beta2
23
1.7.0-beta3
23
1.7.0-beta4
23
1.7.0-beta5
23
1.7.0-beta6
23
1.7.0-beta7
23
1.7.0-beta8
23
1.7.0-beta9
23
1.8.0-beta1
23
1.8.0-beta10
23
1.8.0-beta11
23
1.8.0-beta12
23
1.8.0-beta13
23
1.8.0-beta2
23
1.8.0-beta3
23
1.8.0-beta4
23
1.8.0-beta5
23
1.8.0-beta6
23
1.8.0-beta7
23
1.8.0-beta8
23
1.8.0-beta9
23
1.9.0-beta1
23
1.9.0-beta10
23
1.9.0-beta11
23
1.9.0-beta12
23
1.9.0-beta13
23
1.9.0-beta14
23
1.9.0-beta15
23
1.9.0-beta16
23
1.9.0-beta17
23
1.9.0-beta2
23
1.9.0-beta3
23
1.9.0-beta4
23
1.9.0-beta5
23
1.9.0-beta6
23
1.9.0-beta7
23
1.9.0-beta8
23
1.9.0-beta9
23
2.0.0-beta1
23
2.0.0-beta10
23
2.0.0-beta2
23
2.0.0-beta3
23
2.0.0-beta4
23
2.0.0-beta5
23
2.0.0-beta6
23
2.0.0-beta7
23
2.0.0-beta8
23
2.0.0-beta9
23
2.1.0-beta1
23
2.1.0-beta2
23
2.1.0-beta3
23
2.1.0-beta4
23
2.1.0-beta5
23
2.1.0-beta6
23
2.2.0-beta1
23
2.2.0-beta10
23
2.2.0-beta2
23
2.2.0-beta3
23
2.2.0-beta4
23
2.2.0-beta5
23
2.2.0-beta6
23
2.2.0-beta7
23
2.2.0-beta8
23
2.2.0-beta9
23
2.3.0-beta1
23
2.3.0-beta10
23
2.3.0-beta11
23
2.3.0-beta2
23
2.3.0-beta3
23
2.3.0-beta4
23
2.3.0-beta5
23
2.3.0-beta6
23
2.3.0-beta7
23
2.3.0-beta8
23
2.3.0-beta9
23
2.4.0-beta10
23
2.4.0-beta11
23
2.4.0-beta3
23
2.4.0-beta4
23
2.4.0-beta5
23
2.4.0-beta6
23
2.4.0-beta7
23
2.4.0-beta8
23
2.4.0-beta9
23
2.5.0-beta1
23
2.5.0-beta2
23
2.5.0-beta3
23
2.5.0-beta4
23
2.5.0-beta5
23
2.5.0-beta6
23
2.5.0-beta7
23
2.6.0-beta1
23
2.6.0-beta2
23
2.6.0-beta3
23
2.6.0-beta4
23
2.6.0-beta5
23
2.6.0-beta6
23
2.7.0-beta2
23
2.7.0-beta3
23
2.7.0-beta4
23
2.7.0-beta5
23
2.7.0-beta6
23
2.7.0-beta7
23
2.7.0-beta8
23
2.7.0-beta9
23
2.8.0-beta11
23
3.0.0-beta16
19
3.1.0-beta3
17
3.2.0-beta1
16
3.1.0-beta5
13
3.1.0-beta6
11
3.2.0-beta2
10
3.3.0-beta1
7
3.3.0-beta2
7
3.1.1
6
3.1.0-beta7
5
3.1.0-beta8
5
3.1.0-beta4
4
3.2.0-beta3
4
3.3.0-beta3
4
3.4.0
4
3.1.0
3
3.4.0-beta1
3
2.3.2
2
2.6.0
2
3.0.0
2
3.0.1
2
3.3.0-beta4
2
2.7.12
1
2.7.5
1
2.7.7
1
2.7.9
1
2.8.10
1
2.8.11
1
2.8.13
1
2.8.2
1
2.8.4
1
2.8.6
1
2.8.7
1
3.0.2
1
3.2.0-beta4
1

DiscourseCross-site Scripting (XSS) via topic titles when CSP disabled in Discourse

medium
4.3
First published (updated )
CVE-2024-53266

DiscoursePartial denial of service via inline oneboxes in Discourse

medium
4.3
First published (updated )
CVE-2024-53851

DiscourseDiscourse is an open source platform for community discussion. In affected versions an attacker can …

high
8.2
EPSS
0.04%
First published (updated )
CVE-2025-23023

DiscoursePotential bypass of chat permissions in Discourse

medium
4.3
First published (updated )
CVE-2024-53994

DiscourseAnonymous cache poisoning via XHR requests in Discourse

high
8.2
First published (updated )
CVE-2024-55948

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

DiscourseUsers can see other user's tagged PMs in Discourse

low
2.2
First published (updated )
CVE-2024-56197

DiscourseHTMLi(XSS without CSP) via Onebox urls in Discourse

medium
6.5
First published (updated )
CVE-2024-56328

DiscourseClient Side Path Traversal using activate account route in Discourse

low
3.1
First published (updated )
CVE-2025-22601

DiscourseStored DOM-based XSS (without CSP) via video placeholders in Discourse

medium
6.5
First published (updated )
CVE-2025-22602

DiscourseCross-site Scripting via Discourse-ai SharedAiConversation onebox in Discourse

critical
9.1
First published (updated )
CVE-2024-54142

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

DiscourseBypass of Discourse Connect using other login paths if enabled in Discourse

medium
5.3
First published (updated )
CVE-2024-49765

DiscourseModerators can view Screened emails even when the “moderators view emails” option is disabled in Discourse

low
2.2
First published (updated )
CVE-2024-52589

DiscourseMagnific lightbox susceptible to Cross-site Scripting in Discourse

medium
6.8
First published (updated )
CVE-2024-52794

DiscoursePotential Backup file leaked via Nginx in Discourse

high
7.5
First published (updated )
CVE-2024-53991

DiscourseAnonymous cache poisoning via XHR requests in Discourse

high
8.2
First published (updated )
CVE-2024-47773

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

DiscourseCross-site Scripting (XSS) via chat excerpts when content security policy (CSP) disabled in Discourse

medium
6.5
First published (updated )
CVE-2024-47772

DiscourseDenial of service by the absence of restrictions on replies to posts in Discourse

high
7.5
First published (updated )
CVE-2024-43789

DiscoursePrevent topic list filtering by hidden tags for unauthorized users in Discourse

medium
5.3
First published (updated )
CVE-2024-45297

DiscourseBypass of email address validation via encoded email addresses in Discourse

high
8.2
First published (updated )
CVE-2024-45051

DiscourseDiscourse allows iframe injection though default site setting

medium
6.1
First published (updated )
CVE-2024-39320

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

DiscourseDiscourse vulnerable to DoS via Tag Group

high
7.5
First published (updated )
CVE-2024-37299

DiscourseDiscourse has an XSS via Onebox system

medium
6.3
First published (updated )
CVE-2024-37165

DiscourseDenial of service via Watched Words in Discourse

medium
4.9
First published (updated )
CVE-2024-38360

DiscourseDiscourse vulnerable to Server-Side Request Forgery via FastImage

medium
6.4
First published (updated )
CVE-2024-37157

DiscourseDiscourse doesn't limit reviewable user serializer payload

medium
4.3
First published (updated )
CVE-2024-36122

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

DiscourseDiscourse missing authorization checks for suspending admins/moderators

medium
6.5
First published (updated )
CVE-2024-36113

DiscourseDiscourse vulnerable to stored-dom XSS via Facebook Oneboxes

medium
6.1
First published (updated )
CVE-2024-35234

DiscourseDiscourse vulnerable to DoS through Onebox

high
7.5
First published (updated )
CVE-2024-35227

DiscourseDenial of service through invites in Discourse

medium
6.5
EPSS
0.04%
First published (updated )
CVE-2024-27085

DiscourseDenial of service via Staff Actions in Discourse

medium
6.5
EPSS
0.04%
First published (updated )
CVE-2024-27100

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203