Filter

Versions

2.9.0-beta1
47
2.9.0-beta2
47
2.9.0-beta3
47
2.9.0-beta4
44
2.9.0-beta5
43
2.9.0-beta7
43
2.9.0-beta6
42
2.9.0-beta8
41
2.8.0-beta1
37
2.8.0-beta2
37
2.8.0-beta3
37
2.9.0-beta10
36
2.8.0-beta4
35
2.8.0-beta5
33
2.8.0-beta6
33
2.9.0-beta11
33
2.9.0-beta9
33
3.1.0-beta1
33
2.9.0-beta12
32
2.8.0-beta7
31
2.9.0-beta13
30
2.9.0-beta14
29
2.8.0-beta8
28
2.8.0-beta9
28
2.8.0-beta10
27
3.0.0-beta15
27
2.4.0-beta1
25
2.4.0-beta2
25
3.1.0-beta2
25
2.7.0-beta1
24
1.1.0-beta1
23
1.1.0-beta2
23
1.1.0-beta3
23
1.1.0-beta4
23
1.1.0-beta5
23
1.1.0-beta6
23
1.1.0-beta6b
23
1.1.0-beta7
23
1.1.0-beta8
23
1.2.0-beta1
23
1.2.0-beta2
23
1.2.0-beta3
23
1.2.0-beta4
23
1.2.0-beta5
23
1.2.0-beta6
23
1.2.0-beta7
23
1.2.0-beta8
23
1.2.0-beta9
23
1.3.0-beta1
23
1.3.0-beta10
23
1.3.0-beta11
23
1.3.0-beta2
23
1.3.0-beta3
23
1.3.0-beta4
23
1.3.0-beta5
23
1.3.0-beta6
23
1.3.0-beta7
23
1.3.0-beta8
23
1.3.0-beta9
23
1.4.0-beta1
23
1.4.0-beta10
23
1.4.0-beta11
23
1.4.0-beta12
23
1.4.0-beta2
23
1.4.0-beta3
23
1.4.0-beta4
23
1.4.0-beta5
23
1.4.0-beta6
23
1.4.0-beta7
23
1.4.0-beta8
23
1.4.0-beta9
23
1.5.0-beta1
23
1.5.0-beta10
23
1.5.0-beta11
23
1.5.0-beta12
23
1.5.0-beta13
23
1.5.0-beta13b
23
1.5.0-beta14
23
1.5.0-beta2
23
1.5.0-beta3
23
1.5.0-beta4
23
1.5.0-beta5
23
1.5.0-beta6
23
1.5.0-beta7
23
1.5.0-beta8
23
1.5.0-beta9
23
1.6.0-beta1
23
1.6.0-beta10
23
1.6.0-beta11
23
1.6.0-beta12
23
1.6.0-beta2
23
1.6.0-beta3
23
1.6.0-beta4
23
1.6.0-beta5
23
1.6.0-beta6
23
1.6.0-beta7
23
1.6.0-beta8
23
1.6.0-beta9
23
1.7.0-beta1
23
1.7.0-beta10
23
1.7.0-beta11
23
1.7.0-beta2
23
1.7.0-beta3
23
1.7.0-beta4
23
1.7.0-beta5
23
1.7.0-beta6
23
1.7.0-beta7
23
1.7.0-beta8
23
1.7.0-beta9
23
1.8.0-beta1
23
1.8.0-beta10
23
1.8.0-beta11
23
1.8.0-beta12
23
1.8.0-beta13
23
1.8.0-beta2
23
1.8.0-beta3
23
1.8.0-beta4
23
1.8.0-beta5
23
1.8.0-beta6
23
1.8.0-beta7
23
1.8.0-beta8
23
1.8.0-beta9
23
1.9.0-beta1
23
1.9.0-beta10
23
1.9.0-beta11
23
1.9.0-beta12
23
1.9.0-beta13
23
1.9.0-beta14
23
1.9.0-beta15
23
1.9.0-beta16
23
1.9.0-beta17
23
1.9.0-beta2
23
1.9.0-beta3
23
1.9.0-beta4
23
1.9.0-beta5
23
1.9.0-beta6
23
1.9.0-beta7
23
1.9.0-beta8
23
1.9.0-beta9
23
2.0.0-beta1
23
2.0.0-beta10
23
2.0.0-beta2
23
2.0.0-beta3
23
2.0.0-beta4
23
2.0.0-beta5
23
2.0.0-beta6
23
2.0.0-beta7
23
2.0.0-beta8
23
2.0.0-beta9
23
2.1.0-beta1
23
2.1.0-beta2
23
2.1.0-beta3
23
2.1.0-beta4
23
2.1.0-beta5
23
2.1.0-beta6
23
2.2.0-beta1
23
2.2.0-beta10
23
2.2.0-beta2
23
2.2.0-beta3
23
2.2.0-beta4
23
2.2.0-beta5
23
2.2.0-beta6
23
2.2.0-beta7
23
2.2.0-beta8
23
2.2.0-beta9
23
2.3.0-beta1
23
2.3.0-beta10
23
2.3.0-beta11
23
2.3.0-beta2
23
2.3.0-beta3
23
2.3.0-beta4
23
2.3.0-beta5
23
2.3.0-beta6
23
2.3.0-beta7
23
2.3.0-beta8
23
2.3.0-beta9
23
2.4.0-beta10
23
2.4.0-beta11
23
2.4.0-beta3
23
2.4.0-beta4
23
2.4.0-beta5
23
2.4.0-beta6
23
2.4.0-beta7
23
2.4.0-beta8
23
2.4.0-beta9
23
2.5.0-beta1
23
2.5.0-beta2
23
2.5.0-beta3
23
2.5.0-beta4
23
2.5.0-beta5
23
2.5.0-beta6
23
2.5.0-beta7
23
2.6.0-beta1
23
2.6.0-beta2
23
2.6.0-beta3
23
2.6.0-beta4
23
2.6.0-beta5
23
2.6.0-beta6
23
2.7.0-beta2
23
2.7.0-beta3
23
2.7.0-beta4
23
2.7.0-beta5
23
2.7.0-beta6
23
2.7.0-beta7
23
2.7.0-beta8
23
2.7.0-beta9
23
2.8.0-beta11
23
3.0.0-beta16
19
3.1.0-beta3
17
3.2.0-beta1
16
3.1.0-beta5
13
3.1.0-beta6
11
3.2.0-beta2
10
3.3.0-beta1
7
3.3.0-beta2
7
3.1.1
6
3.1.0-beta7
5
3.1.0-beta8
5
3.1.0-beta4
4
3.2.0-beta3
4
3.3.0-beta3
4
3.4.0
4
3.1.0
3
3.4.0-beta1
3
2.3.2
2
2.6.0
2
3.0.0
2
3.0.1
2
3.3.0-beta4
2
2.7.12
1
2.7.5
1
2.7.7
1
2.7.9
1
2.8.10
1
2.8.11
1
2.8.13
1
2.8.2
1
2.8.4
1
2.8.6
1
2.8.7
1
3.0.2
1
3.2.0-beta4
1

DiscourseMultisite denial of service through unsanitized dynamic dispatch to SiteSetting in Discourse

medium
4.9
First published (updated )
CVE-2023-30606

DiscourseStored Cross-site Scripting via improper sanitization of svg files in Discourse

medium
5.4
First published (updated )
CVE-2023-30538

DiscourseHTML injection via topic embedding in Discourse

medium
6.1
First published (updated )
CVE-2023-29196

DiscourseDenial of service via admin theme import route in Discourse

low
2.7
First published (updated )
CVE-2023-28440

Discourse Aidiscourse-ai admin-initiated SSRF when interacting with AI services

high
7.2
EPSS
0.04%
First published (updated )
CVE-2024-23654

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

DiscourseCross-site Scripting (XSS) via topic titles when CSP disabled in Discourse

medium
4.3
First published (updated )
CVE-2024-53266

DiscoursePartial denial of service via inline oneboxes in Discourse

medium
4.3
First published (updated )
CVE-2024-53851

DiscoursePotential bypass of chat permissions in Discourse

medium
4.3
First published (updated )
CVE-2024-53994

DiscourseDiscourse is an open source platform for community discussion. In affected versions an attacker can …

high
8.2
EPSS
0.04%
First published (updated )
CVE-2025-23023

DiscourseStored DOM-based XSS (without CSP) via video placeholders in Discourse

medium
6.5
First published (updated )
CVE-2025-22602

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

DiscourseHTMLi(XSS without CSP) via Onebox urls in Discourse

medium
6.5
First published (updated )
CVE-2024-56328

DiscourseClient Side Path Traversal using activate account route in Discourse

low
3.1
First published (updated )
CVE-2025-22601

DiscourseUsers can see other user's tagged PMs in Discourse

low
2.2
First published (updated )
CVE-2024-56197

DiscourseAnonymous cache poisoning via XHR requests in Discourse

high
8.2
First published (updated )
CVE-2024-55948

DiscourseCross-site Scripting via Discourse-ai SharedAiConversation onebox in Discourse

critical
9.1
First published (updated )
CVE-2024-54142

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

DiscourseDiscourse vulnerable to exposure of number of topics recently created in private categories

medium
5.3
First published (updated )
CVE-2023-34250

DiscourseDiscourse's canonical url not being used for topic embeddings

medium
5.3
First published (updated )
CVE-2023-32301

DiscourseDiscourse Topic Creation Page Allows iFrame Tag without Restrictions

medium
5.4
First published (updated )
CVE-2023-32061

DiscourseDiscourse's general category permissions could be set back to default

medium
5.3
First published (updated )
CVE-2023-31142

DiscoursePotential Backup file leaked via Nginx in Discourse

high
7.5
First published (updated )
CVE-2024-53991

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

DiscourseMagnific lightbox susceptible to Cross-site Scripting in Discourse

medium
6.8
First published (updated )
CVE-2024-52794

DiscourseModerators can view Screened emails even when the “moderators view emails” option is disabled in Discourse

low
2.2
First published (updated )
CVE-2024-52589

DiscourseBypass of Discourse Connect using other login paths if enabled in Discourse

medium
5.3
First published (updated )
CVE-2024-49765

DiscourseHTML injection in oneboxed links

medium
6.1
First published (updated )
CVE-2023-47119

DiscourseDiscourse SSRF vulnerability in Embedding

critical
9.8
First published (updated )
CVE-2023-47121

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

DiscourseDiscourse DoS through Onebox favicon URL

high
7.5
First published (updated )
CVE-2023-47120

DiscourseBypassing height value allowed in some theme components

medium
5.4
First published (updated )
CVE-2023-46130

DiscourseUnread bookmark reminder notifications that the user cannot access can be seen

low
3.3
First published (updated )
CVE-2023-45816

DiscourseDiscourse vulnerable to DoS via Regexp Injection in Full Name

medium
5.4
First published (updated )
CVE-2023-45806

DiscourseDiscourse vulnerable to Cross-site Scripting through pending post titles descriptions

high
8
First published (updated )
CVE-2023-22454

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203