Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
discourse discourse-chat vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2022-36057
Discourse-Chat is an asynchronous messaging plugin for the Discourse open-source discussion platform. Users of Discourse Chat can be affected by admin users inserting HTML into chat titles and descriptions, causing a Cross-Site Scripting (XSS) attack. Version 0.9 contains a patch...
Discourse Discourse-chat
5.4
CVSSv3
CVE-2022-39279
discourse-chat is a plugin for the Discourse message board which adds chat functionality. In versions before 0.9 some places render a chat channel's name and description in an unsafe way, allowing staff members to cause an cross site scripting (XSS) attack by inserting unsaf...
Discourse Discourse-chat
6.5
CVSSv3
CVE-2022-31095
discourse-chat is a chat plugin for the Discourse application. Versions before 0.4 are vulnerable to an exposure of sensitive information, where an attacker who knows the message ID for a channel they do not have access to can view that message using the chat message lookup endpo...
Discourse Discourse-chat
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started