Filters

Versions

2.9.0-beta1
45
2.9.0-beta2
45
2.9.0-beta3
45
2.9.0-beta4
42
2.9.0-beta5
41
2.9.0-beta7
41
2.9.0-beta6
40
2.9.0-beta8
39
2.8.0-beta1
34
2.8.0-beta2
34
2.8.0-beta3
34
2.9.0-beta10
34
2.8.0-beta4
32
2.9.0-beta11
31
2.9.0-beta9
31
3.1.0-beta1
31
2.8.0-beta5
30
2.8.0-beta6
30
2.9.0-beta12
30
2.8.0-beta7
28
2.9.0-beta13
28
2.9.0-beta14
27
2.8.0-beta8
26
2.8.0-beta9
26
2.8.0-beta10
25
3.0.0-beta15
25
3.1.0-beta2
25
2.4.0-beta1
23
2.4.0-beta2
23
2.7.0-beta1
22
1.1.0-beta1
21
1.1.0-beta2
21
1.1.0-beta3
21
1.1.0-beta4
21
1.1.0-beta5
21
1.1.0-beta6
21
1.1.0-beta6b
21
1.1.0-beta7
21
1.1.0-beta8
21
1.2.0-beta1
21
1.2.0-beta2
21
1.2.0-beta3
21
1.2.0-beta4
21
1.2.0-beta5
21
1.2.0-beta6
21
1.2.0-beta7
21
1.2.0-beta8
21
1.2.0-beta9
21
1.3.0-beta1
21
1.3.0-beta10
21
1.3.0-beta11
21
1.3.0-beta2
21
1.3.0-beta3
21
1.3.0-beta4
21
1.3.0-beta5
21
1.3.0-beta6
21
1.3.0-beta7
21
1.3.0-beta8
21
1.3.0-beta9
21
1.4.0-beta1
21
1.4.0-beta10
21
1.4.0-beta11
21
1.4.0-beta12
21
1.4.0-beta2
21
1.4.0-beta3
21
1.4.0-beta4
21
1.4.0-beta5
21
1.4.0-beta6
21
1.4.0-beta7
21
1.4.0-beta8
21
1.4.0-beta9
21
1.5.0-beta1
21
1.5.0-beta10
21
1.5.0-beta11
21
1.5.0-beta12
21
1.5.0-beta13
21
1.5.0-beta13b
21
1.5.0-beta14
21
1.5.0-beta2
21
1.5.0-beta3
21
1.5.0-beta4
21
1.5.0-beta5
21
1.5.0-beta6
21
1.5.0-beta7
21
1.5.0-beta8
21
1.5.0-beta9
21
1.6.0-beta1
21
1.6.0-beta10
21
1.6.0-beta11
21
1.6.0-beta12
21
1.6.0-beta2
21
1.6.0-beta3
21
1.6.0-beta4
21
1.6.0-beta5
21
1.6.0-beta6
21
1.6.0-beta7
21
1.6.0-beta8
21
1.6.0-beta9
21
1.7.0-beta1
21
1.7.0-beta10
21
1.7.0-beta11
21
1.7.0-beta2
21
1.7.0-beta3
21
1.7.0-beta4
21
1.7.0-beta5
21
1.7.0-beta6
21
1.7.0-beta7
21
1.7.0-beta8
21
1.7.0-beta9
21
1.8.0-beta1
21
1.8.0-beta10
21
1.8.0-beta11
21
1.8.0-beta12
21
1.8.0-beta13
21
1.8.0-beta2
21
1.8.0-beta3
21
1.8.0-beta4
21
1.8.0-beta5
21
1.8.0-beta6
21
1.8.0-beta7
21
1.8.0-beta8
21
1.8.0-beta9
21
1.9.0-beta1
21
1.9.0-beta10
21
1.9.0-beta11
21
1.9.0-beta12
21
1.9.0-beta13
21
1.9.0-beta14
21
1.9.0-beta15
21
1.9.0-beta16
21
1.9.0-beta17
21
1.9.0-beta2
21
1.9.0-beta3
21
1.9.0-beta4
21
1.9.0-beta5
21
1.9.0-beta6
21
1.9.0-beta7
21
1.9.0-beta8
21
1.9.0-beta9
21
2.0.0-beta1
21
2.0.0-beta10
21
2.0.0-beta2
21
2.0.0-beta3
21
2.0.0-beta4
21
2.0.0-beta5
21
2.0.0-beta6
21
2.0.0-beta7
21
2.0.0-beta8
21
2.0.0-beta9
21
2.1.0-beta1
21
2.1.0-beta2
21
2.1.0-beta3
21
2.1.0-beta4
21
2.1.0-beta5
21
2.1.0-beta6
21
2.2.0-beta1
21
2.2.0-beta10
21
2.2.0-beta2
21
2.2.0-beta3
21
2.2.0-beta4
21
2.2.0-beta5
21
2.2.0-beta6
21
2.2.0-beta7
21
2.2.0-beta8
21
2.2.0-beta9
21
2.3.0-beta1
21
2.3.0-beta10
21
2.3.0-beta11
21
2.3.0-beta2
21
2.3.0-beta3
21
2.3.0-beta4
21
2.3.0-beta5
21
2.3.0-beta6
21
2.3.0-beta7
21
2.3.0-beta8
21
2.3.0-beta9
21
2.4.0-beta10
21
2.4.0-beta11
21
2.4.0-beta3
21
2.4.0-beta4
21
2.4.0-beta5
21
2.4.0-beta6
21
2.4.0-beta7
21
2.4.0-beta8
21
2.4.0-beta9
21
2.5.0-beta1
21
2.5.0-beta2
21
2.5.0-beta3
21
2.5.0-beta4
21
2.5.0-beta5
21
2.5.0-beta6
21
2.5.0-beta7
21
2.6.0-beta1
21
2.6.0-beta2
21
2.6.0-beta3
21
2.6.0-beta4
21
2.6.0-beta5
21
2.6.0-beta6
21
2.7.0-beta2
21
2.7.0-beta3
21
2.7.0-beta4
21
2.7.0-beta5
21
2.7.0-beta6
21
2.7.0-beta7
21
2.7.0-beta8
21
2.7.0-beta9
21
2.8.0-beta11
21
3.0.0-beta16
17
3.1.0-beta3
17
3.2.0-beta1
16
3.1.0-beta5
13
3.1.0-beta6
11
3.2.0-beta2
10
3.3.0-beta1
7
3.3.0-beta2
7
3.1.1
6
3.1.0-beta7
5
3.1.0-beta8
5
3.1.0-beta4
4
3.2.0-beta3
4
3.3.0-beta3
4
3.4.0
4
3.1.0
3
3.4.0-beta1
3
2.3.2
2
2.6.0
2
3.0.1
2
3.3.0-beta4
2
2.7.12
1
2.7.5
1
2.7.7
1
2.7.9
1
2.8.10
1
2.8.11
1
2.8.13
1
2.8.2
1
2.8.4
1
2.8.6
1
2.8.7
1
3.0.2
1
3.2.0-beta4
1

Discourse DiscourseCross-site Scripting (XSS) via chat excerpts when content security policy (CSP) disabled in Discourse

medium
6.5
First published (updated )
CVE-2024-47772

Discourse DiscourseDenial of service by the absence of restrictions on replies to posts in Discourse

high
7.5
First published (updated )
CVE-2024-43789

Discourse DiscoursePrevent topic list filtering by hidden tags for unauthorized users in Discourse

medium
5.3
First published (updated )
CVE-2024-45297

Discourse DiscourseBypass of email address validation via encoded email addresses in Discourse

high
8.2
First published (updated )
CVE-2024-45051

Discourse DiscourseDiscourse allows iframe injection though default site setting

medium
6.1
First published (updated )
CVE-2024-39320

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Discourse DiscourseDiscourse vulnerable to DoS via Tag Group

high
7.5
First published (updated )
CVE-2024-37299

Discourse DiscourseDiscourse has an XSS via Onebox system

medium
6.3
First published (updated )
CVE-2024-37165

Discourse DiscourseDiscourse vulnerable to Server-Side Request Forgery via FastImage

medium
6.4
First published (updated )
CVE-2024-37157

Discourse DiscourseDiscourse doesn't limit reviewable user serializer payload

medium
4.3
First published (updated )
CVE-2024-36122

Discourse DiscourseDiscourse missing authorization checks for suspending admins/moderators

medium
6.5
First published (updated )
CVE-2024-36113

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Discourse DiscourseDiscourse vulnerable to stored-dom XSS via Facebook Oneboxes

medium
6.1
First published (updated )
CVE-2024-35234

Discourse DiscourseDiscourse improperly sanitized user input leads to XSS

medium
6.3
EPSS
0.05%
First published (updated )
CVE-2024-23834

Discourse DiscourseDiscourse secure uploads accessible to guests even when login is required

medium
4.3
First published (updated )
CVE-2023-49099

Discourse DiscourseInsufficient control of custom field value sizes

medium
4.3
EPSS
0.04%
First published (updated )
CVE-2024-21655

Discourse DiscourseDiscourse vulnerable to unlimited mentioned users in message serializer

high
8.6
First published (updated )
CVE-2023-48297

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Discourse DiscourseDiscourse SSRF vulnerability in Embedding

critical
9.8
First published (updated )
CVE-2023-47121

Discourse DiscourseDiscourse DoS through Onebox favicon URL

high
7.5
First published (updated )
CVE-2023-47120

Discourse DiscourseHTML injection in oneboxed links

medium
6.1
First published (updated )
CVE-2023-47119

Discourse DiscourseBypassing height value allowed in some theme components

medium
5.4
First published (updated )
CVE-2023-46130

Discourse DiscourseUnread bookmark reminder notifications that the user cannot access can be seen

low
3.3
First published (updated )
CVE-2023-45816

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Discourse DiscourseDiscourse vulnerable to DoS via Regexp Injection in Full Name

medium
5.4
First published (updated )
CVE-2023-45806

Discourse DiscourseUnauthenticated access to new private chat messages in Discourse

high
7.5
First published (updated )
CVE-2023-45131

Discourse DiscoursePrevent unauthorized access to summary details in Discourse

medium
5.3
First published (updated )
CVE-2023-44391

Discourse DiscourseMalicious requests can fill up the log files resulting in a deinal of service in Discourse

high
7.5
First published (updated )
CVE-2023-44388

Discourse DiscourseExposure of poll options and votes to unauthorized users in Discourse

low
3.7
First published (updated )
CVE-2023-43814

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Discourse DiscourseCross-site Scripting via email preview when CSP disabled in Discourse

high
8
First published (updated )
CVE-2023-43659

Discourse DiscourseArbitrary keys can be added to a topic's custom fields by any user in Discourse

medium
4.9
First published (updated )
CVE-2023-45147

Discourse DiscourseDiscourse DoS via SvgSprite cache

medium
6.5
First published (updated )
CVE-2023-41043

Discourse DiscourseDiscourse DoS via remote theme assets

medium
6.5
First published (updated )
CVE-2023-41042

Discourse DiscourseDiscourse DoS via 2FA and Security Key Names

medium
6.5
First published (updated )
CVE-2023-40588

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Discourse DiscourseDiscourse vulnerable to DoS via drafts

medium
6.5
First published (updated )
CVE-2023-38706

Discourse DiscourseDiscourse's restricted tag information visible to unauthenticated users

medium
4.3
First published (updated )
CVE-2023-38685

Discourse DiscourseDiscourse vulnerable to ossible DDoS due to unbounded limits in various controller actions

high
7.5
First published (updated )
CVE-2023-38684

Discourse DiscourseDiscourse vulnerable to DoS via defer queue

medium
6.5
EPSS
0.04%
First published (updated )
CVE-2023-38498

Discourse DiscourseDiscourse vulnerable to DoS via post edit reason

medium
4.3
EPSS
0.04%
First published (updated )
CVE-2023-37906

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Discourse DiscourseDiscourse Race Condition in Accept Invite

low
3.1
First published (updated )
CVE-2023-37904

Discourse DiscourseDiscourse CSP nonce reuse vulnerability for anonymous users

medium
6.8
First published (updated )
CVE-2023-37467

Discourse DiscourseDenial of service via User Custom Sidebar Section Unlimited Link Creation in discourse

high
7.5
First published (updated )
CVE-2023-36818

Discourse DiscourseTopic Title Validation Skipped When Changing Category in Discourse

medium
4.3
First published (updated )
CVE-2023-36466

Discourse DiscourseCSP nonce reuse vulnerability in Discourse

medium
6.8
First published (updated )
CVE-2023-36473

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Discourse DiscourseInfoleak

medium
5.3
First published (updated )
CVE-2023-34250

Discourse DiscourseDiscourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and v…

medium
5.3
First published (updated )
CVE-2023-32301

Discourse DiscourseDiscourse Topic Creation Page Allows iFrame Tag without Restrictions

medium
5.4
First published (updated )
CVE-2023-32061

Discourse DiscourseDiscourse's general category permissions could be set back to default

medium
5.3
First published (updated )
CVE-2023-31142

Discourse DiscourseXSS

medium
6.1
First published (updated )
CVE-2023-29196

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Discourse DiscourseMultisite denial of service through unsanitized dynamic dispatch to SiteSetting in Discourse

medium
4.9
First published (updated )
CVE-2023-30606

Discourse DiscourseStored Cross-site Scripting via improper sanitization of svg files in Discourse

medium
5.4
First published (updated )
CVE-2023-30538

Discourse DiscourseDenial of service via admin theme import route in Discourse

low
2.7
First published (updated )
CVE-2023-28440

Discourse DiscourseSSRF

high
8.1
First published (updated )
CVE-2023-28112

Discourse DiscourseDiscourse is an open-source discussion platform. Prior to version 3.0.2 of the `stable` branch and v…

medium
4.9
First published (updated )
CVE-2023-28107

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203