Discourse Exposure
Message boards
Exposure score: 83
Sites using it: 2,494
Being exploited: 0
Critical: 2
CVEs
248 results
CVE-2026-24742 | MEDIUM | Discourse staff action logs expose sensitive information to moderators | EPSS 0.3%
CVE-2026-27934 | HIGH | Discourse leaks private topic title and post excerpt via user action API endpoint | EPSS 0.3%
CVE-2025-61598 | MEDIUM | Discourse is missing Cache-Control response header on error responses | EPSS 0.3%
CVE-2026-33393 | MEDIUM | Discourse fixes loose hostname matching in spam host allowlist | EPSS 0.3%
CVE-2026-33514 | MEDIUM | Discourse: Information Disclosure in Form Template API Due to Missing Authorization | EPSS 0.3%
CVE-2024-52589 | LOW | Moderators can view Screened emails even when the “moderators view emails” option is disabled in Discourse | EPSS 0.2%
CVE-2026-23743 | MEDIUM | Discourse allows permalinks to restricted resources to leak resource slugs to unauthorized users | EPSS 0.2%
CVE-2025-64528 | MEDIUM | Users are able to find users by name even when `enable_names` is off | EPSS 0.2%
CVE-2026-26077 | MEDIUM | Discourse doesn't ensure webhooks require a token | EPSS 0.2%
CVE-2023-37904 | LOW | Discourse Race Condition in Accept Invite | EPSS 0.2%
CVE-2026-26265 | HIGH | Discourse has IDOR vulnerability in the directory items endpoint | EPSS 0.2%
CVE-2025-68666 | MEDIUM | Discourse users archives leaked to users with moderation privileges | EPSS 0.2%
CVE-2024-55948 | HIGH | Anonymous cache poisoning via XHR requests in Discourse | EPSS 0.2%
CVE-2025-23023 | HIGH | Anonymous cache poisoning via request headers in Discourse | EPSS 0.2%
CVE-2025-68934 | MEDIUM | Discourse Has Denial of Service (DoS) Vulnerability in Drafts Creation Endpoint | EPSS 0.2%
CVE-2026-44779 | MEDIUM | Discourse: Bot debug endpoints disclose whisper translation audit logs | EPSS 0.2%
CVE-2026-33300 | MEDIUM | Discourse: Hidden group names and access metadata are exposed to moderators through the `category-chatables` endpoint | EPSS 0.2%
CVE-2026-32143 | MEDIUM | Discourse: Admin-only report can be exported by moderators | EPSS 0.2%
CVE-2026-32244 | MEDIUM | Discourse: Cached outdated summaries can leak removed content | EPSS 0.2%
CVE-2025-58055 | MEDIUM | Discourse AI Suggestions Contain Insecure Direct Object Reference | EPSS 0.2%