Discourse Exposure

Message boards
Exposure score: 83
Sites using it: 2494
Under exploitation: 0
Critical: 2

CVEs

248 results

CVE | Severity | Title | EPSS
CVE-2026-29072 | HIGH | Discourse missing permission check for policy creation in discourse-policy | 0.2%
CVE-2026-44784 | MEDIUM | Discourse: Non-staff group owners can see email password in plaintext through group history | 0.2%
CVE-2026-33395 | MEDIUM | Discourse has stored click‑based XSS via Graphviz SVG javascript: links | 0.2%
CVE-2026-27481 | MEDIUM | Discourse: Hidden tag visibility bypass on tag routes | 0.2%
CVE-2026-27162 | MEDIUM | Discourse doesn't prevent whispers to leak in excerpts | 0.2%
CVE-2026-27149 | MEDIUM | Discourse has SQL injection in PM tag filtering | 0.2%
CVE-2026-26078 | HIGH | Discourse has authentication bypass vulnerability in the Patreon plugin webhook endpoint | 0.2%
CVE-2026-30891 | MEDIUM | Discourse has Unauthorized Exposure of Private User Action Types | 0.2%
CVE-2026-21865 | MEDIUM | Discourse topic conversion permission vulnerability for moderators | 0.2%
CVE-2025-68659 | MEDIUM | Discourse has DoS vulnerability in username change endpoint | 0.2%
CVE-2026-33424 | MEDIUM | PM access granted through invites after access revocation | 0.2%
CVE-2026-47264 | MEDIUM | Discourse: Don't leak restricted tag group names via tag info | 0.2%
CVE-2025-68660 | MEDIUM | Discourse AI Discover's continue conversation allows threat actor to impersonate user | 0.2%
CVE-2025-32376 | MEDIUM | Discourse DM limits aren’t always properly enforced | 0.2%
CVE-2026-31805 | MEDIUM | Discourse has a poll authorization bypass via post_id array parameter | 0.2%
CVE-2026-34154 | LOW | Discourse has a subscription access bypass in its discourse-subscriptions plugin | 0.2%
CVE-2026-30888 | LOW | Discourse has moderator privilege escalation via arbitrary post_id in suspend/silence endpoint | 0.2%
CVE-2026-32114 | MEDIUM | Discourse's unscoped status lookups leak restricted metadata | 0.2%
CVE-2025-67723 | MEDIUM | Discourse vulnerable to stored Cross-site Scripting via Katex in discourse-math plugin | 0.2%
CVE-2026-47263 | MEDIUM | Discourse: Prevent webhook payload disclosure on event redelivery | 0.2%
