Discourse Exposure

Message boards

Exposure score: 83
Sites using it: 2,494
Under exploitation: 0
Critical: 2

CVEs

248 results
| CVE | Severity | Title | EPSS |
|---|---|---|---|
| CVE-2025-54411 | LOW | Discourse welcome banner user name XSS | 0.2% |
| CVE-2025-58054 | LOW | Discourse is vulnerable to XSS when quoting chat messages | 0.2% |
| CVE-2025-24808 | MEDIUM | Discourse has race condition when adding users to a group DM | 0.2% |
| CVE-2026-33185 | MEDIUM | Discourse: Group SMTP test endpoint susceptible to SSRF | 0.2% |
| CVE-2026-31869 | MEDIUM | Discourse: Composer mentions endpoint leaks hidden group membership through PM `allowed_names` check | 0.2% |
| CVE-2026-33073 | LOW | discourse-subscriptions plugin leaking stripe API key in multisite environment | 0.2% |
| CVE-2026-33074 | MEDIUM | Discourse: Vulnerability in discourse-subscriptions plugin allowing users to self-grant to higher tier subscriptions | 0.2% |
| CVE-2025-68479 | HIGH | Discourse subscriptions are susceptible to takeover | 0.2% |
| CVE-2026-32243 | MEDIUM | Discourse: Stored XSS in discourse-ai shared conversations onebox | 0.2% |
| CVE-2026-26979 | NONE | Discourse: TL4 users are able to change status of restricted topics | 0.2% |
| CVE-2026-32273 | MEDIUM | Discourse: XSS on category description update via API | 0.2% |
| CVE-2026-32607 | LOW | Discourse: Stored XSS via unescaped assignee name | 0.2% |
| CVE-2026-27154 | LOW | Discourse has XSS when editing a malicious post | 0.2% |
| CVE-2025-69289 | MEDIUM | Discourse has insecure default configuration that allows non-admin moderators to takeover any non-staff account via email change | 0.2% |
| CVE-2026-32619 | MEDIUM | Discourse: Insufficient topic visibility check allows unauthorized poll manipulation in private categories | 0.2% |
| CVE-2026-33426 | LOW | Discourse users can edit or synonymize hidden tags they can't see | 0.2% |
| CVE-2026-27152 | LOW | Discourse has DM communication-preference bypass when adding members | 0.2% |
| CVE-2026-27153 | LOW | Discourse doesn't prevent moderators from exporting user Chat DMs | 0.2% |
| CVE-2026-33410 | MEDIUM | Discourse hardens chat DM channel creation and expansion | 0.2% |
| CVE-2026-33251 | MEDIUM | Discourse has a Hidden Solved topics permission bypass | 0.2% |
