Vulnerabilities > Discourse

DATE CVE VULNERABILITY TITLE RISK
2021-11-15 CVE-2021-41271 Information Exposure vulnerability in Discourse
Discourse is a platform for community discussion.
network
low complexity
discourse CWE-200
5.0
5.0
2021-11-15 CVE-2021-41263 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Discourse Rails Multisite
rails_multisite provides multi-db support for Rails applications.
network
discourse CWE-327
6.0
6.0
2021-10-20 CVE-2021-41163 Injection vulnerability in Discourse
Discourse is an open source platform for community discussion.
network
low complexity
discourse CWE-74
critical
 9.8
9.8
2021-10-19 CVE-2021-41140 Information Exposure vulnerability in Discourse Reactions 0.1
Discourse-reactions is a plugin for the Discourse platform that allows user to add their reactions to the post.
network
low complexity
discourse CWE-200
5.0
5.0
2021-09-27 CVE-2021-41095 Cross-site Scripting vulnerability in Discourse
Discourse is an open source discussion platform.
network
low complexity
discourse CWE-79
6.1
6.1
2021-09-23 CVE-2020-24327 Server-Side Request Forgery (SSRF) vulnerability in Discourse 2.3.2/2.6.0
Server Side Request Forgery (SSRF) vulnerability exists in Discourse 2.3.2 and 2.6 via the email function.
network
low complexity
discourse CWE-918
5.0
5.0
2021-09-20 CVE-2021-41082 Incorrect Authorization vulnerability in Discourse
Discourse is a platform for community discussion.
network
low complexity
discourse CWE-863
5.0
5.0
2021-08-26 CVE-2021-39161 Cross-site Scripting vulnerability in Discourse
Discourse is an open source platform for community discussion.
network
high complexity
discourse CWE-79
2.1
2.1
2021-08-13 CVE-2021-37693 Insufficient Session Expiration vulnerability in Discourse
Discourse is an open-source platform for community discussion.
network
low complexity
discourse CWE-613
5.0
5.0
2021-08-13 CVE-2021-37703 Information Exposure vulnerability in Discourse
Discourse is an open-source platform for community discussion.
network
discourse CWE-200
4.3
4.3