Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
discourse discourse 2.8.0 vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2021-43793
Discourse is an open source discussion platform. In affected versions a vulnerability in the Polls feature allowed users to vote multiple times in a single-option poll. The problem is patched in the latest tests-passed, beta and stable versions of Discourse
Discourse Discourse 2.8.0
Discourse Discourse
446
VMScore
CVE-2022-21677
Discourse is an open source discussion platform. Discourse groups can be configured with varying visibility levels for the group as well as the group members. By default, a newly created group has its visibility set to public and the group's members visibility set to public ...
Discourse Discourse
Discourse Discourse 2.8.0
383
VMScore
CVE-2021-37703
Discourse is an open-source platform for community discussion. In Discourse prior to 2.7.8 and 2.8.0.beta5, a user's read state for a topic such as the last read post number and the notification level is exposed.
Discourse Discourse
Discourse Discourse 2.8.0
445
VMScore
CVE-2021-37693
Discourse is an open-source platform for community discussion. In Discourse prior to 2.7.8 and 2.8.0.beta4, when adding additional email addresses to an existing account on a Discourse site an email token is generated as part of the email verification process. Deleting the additi...
Discourse Discourse
Discourse Discourse 2.8.0
312
VMScore
CVE-2021-43792
Discourse is an open source discussion platform. In affected versions a vulnerability affects users of tag groups who use the "Tags are visible only to the following groups" feature. A tag group may only allow a certain group (e.g. staff) to view certain tags. Users who...
Discourse Discourse 2.8.0
Discourse Discourse
312
VMScore
CVE-2021-32764
Discourse is an open-source discussion platform. In Discourse versions 2.7.5 and prior, parsing and rendering of YouTube Oneboxes can be susceptible to XSS attacks. This vulnerability only affects sites which have modified or disabled Discourse's default Content Security Pol...
Discourse Discourse
Discourse Discourse 2.8.0
187
VMScore
CVE-2021-39161
Discourse is an open source platform for community discussion. In affected versions category names can be used for Cross-site scripting(XSS) attacks. This is mitigated by Discourse's default Content Security Policy and this vulnerability only affects sites which have modifie...
Discourse Discourse
Discourse Discourse 2.8.0
383
VMScore
CVE-2021-41095
Discourse is an open source discussion platform. There is a cross-site scripting (XSS) vulnerability in versions 2.7.7 and previous versions of the `stable` branch, versions 2.8.0.beta6 and previous versions of the `beta` branch, and versions 2.8.0.beta6 and previous versions of ...
Discourse Discourse 2.8.0
Discourse Discourse
445
VMScore
CVE-2021-41271
Discourse is a platform for community discussion. In affected versions a maliciously crafted request could cause an error response to be cached by intermediate proxies. This could cause a loss of confidentiality for some content. This issue is patched in the latest stable, beta a...
Discourse Discourse
Discourse Discourse 2.8.0
357
VMScore
CVE-2022-21642
Discourse is an open source platform for community discussion. In affected versions when composing a message from topic the composer user suggestions reveals whisper participants. The issue has been patched in stable version 2.7.13 and beta version 2.8.0.beta11. There is no worka...
Discourse Discourse
Discourse Discourse 2.8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »