Vulnerabilities > Discourse
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-14 | CVE-2022-41913 | Unspecified vulnerability in Discourse Calendar 0.2 Discourse-calendar is a plugin for the Discourse messaging platform which adds the ability to create a dynamic calendar in the first post of a topic. | 5.4 |
| 2022-11-02 | CVE-2022-39241 | Server-Side Request Forgery (SSRF) vulnerability in Discourse Discourse is a platform for community discussion. | 4.9 |
| 2022-11-02 | CVE-2022-39356 | Unspecified vulnerability in Discourse Discourse is a platform for community discussion. | 8.8 |
| 2022-11-02 | CVE-2022-39378 | Unspecified vulnerability in Discourse Discourse is a platform for community discussion. | 5.3 |
| 2022-10-26 | CVE-2022-39355 | Improper Authentication vulnerability in Discourse Patreon Discourse Patreon enables syncronization between Discourse Groups and Patreon rewards. | 9.8 |
| 2022-10-06 | CVE-2022-39279 | Cross-site Scripting vulnerability in Discourse Discourse-Chat 0.3/0.4 discourse-chat is a plugin for the Discourse message board which adds chat functionality. | 5.4 |
| 2022-10-06 | CVE-2022-39270 | Cross-site Scripting vulnerability in Discourse Discotoc DiscoTOC is a Discourse theme component that generates a table of contents for topics. | 5.4 |
| 2022-09-29 | CVE-2022-39232 | Unspecified vulnerability in Discourse 2.9.0 Discourse is an open source discussion platform. | 4.3 |
| 2022-09-29 | CVE-2022-36066 | Unrestricted Upload of File with Dangerous Type vulnerability in Discourse Discourse is an open source discussion platform. | 7.2 |
| 2022-09-29 | CVE-2022-36068 | Missing Authorization vulnerability in Discourse Discourse is an open source discussion platform. | 4.3 |