Discourse Exposure

Message boards

Exposure score: 83
Sites using it: 2494
Under exploitation: 0
Critical: 2

CVEs

248 results
| CVE | Severity | Title | EPSS |
|---|---|---|---|
| CVE-2022-21678 | MEDIUM | User's bio visible even if profile is restricted in Discourse | 0.9% |
| CVE-2022-31025 | LOW | Invite bypasses user approval in Discourse | 0.9% |
| CVE-2021-32788 | MEDIUM | Post creator of a whisper post can be revealed to non-staff users in Discourse | 0.9% |
| CVE-2023-22739 | MEDIUM | Discourse subject to Allocation of Resources Without Limits or Throttling | 0.9% |
| CVE-2023-23621 | HIGH | Discourse vulnerable to ReDoS in user agent parsing | 0.9% |
| CVE-2019-1020017 | | Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmation screen when logging in via a user-api OTP. | 0.9% |
| CVE-2021-37703 | MEDIUM | Information exposure in Discourse | 0.8% |
| CVE-2021-37693 | MEDIUM | Re-use of email tokens in Discourse | 0.8% |
| CVE-2021-43792 | MEDIUM | Notifications leak in Discourse | 0.8% |
| CVE-2021-43850 | MEDIUM | Denial of Service in discourse | 0.8% |
| CVE-2022-24804 | MEDIUM | Private group name exposure in discourse | 0.8% |
| CVE-2022-39226 | MEDIUM | Discourse user profile location and website fields were not sufficiently length-limited | 0.8% |
| CVE-2021-37633 | HIGH | XSS via d-popover and d-html-popover attribute | 0.8% |
| CVE-2021-43793 | MEDIUM | Bypass of Poll voting limits in Discourse | 0.8% |
| CVE-2022-23548 | MEDIUM | Discourse is an option source discussion platform. Prior to version 2.8.14 on the `stable` branch and version 2.9.0.beta16 on the `beta` and | 0.7% |
| CVE-2022-21642 | MEDIUM | Exposure of whisper participants in discourse | 0.7% |
| CVE-2022-36068 | HIGH | Discourse moderators can edit themes via the API | 0.7% |
| CVE-2023-46130 | MEDIUM | Bypassing height value allowed in some theme components | 0.7% |
| CVE-2023-47121 | LOW | Discourse SSRF vulnerability in Embedding | 0.7% |
| CVE-2023-28440 | LOW | Denial of service via admin theme import route in Discourse | 0.7% |
