Vulnerabilities > Discourse
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-02 | CVE-2022-39378 | Unspecified vulnerability in Discourse Discourse is a platform for community discussion. | 5.3 |
| 2022-10-26 | CVE-2022-39355 | Improper Authentication vulnerability in Discourse Patreon Discourse Patreon enables syncronization between Discourse Groups and Patreon rewards. | 9.8 |
| 2022-10-06 | CVE-2022-39279 | Cross-site Scripting vulnerability in Discourse Discourse-Chat 0.3/0.4 discourse-chat is a plugin for the Discourse message board which adds chat functionality. | 5.4 |
| 2022-10-06 | CVE-2022-39270 | Cross-site Scripting vulnerability in Discourse Discotoc DiscoTOC is a Discourse theme component that generates a table of contents for topics. | 5.4 |
| 2022-09-29 | CVE-2022-39232 | Unspecified vulnerability in Discourse 2.9.0 Discourse is an open source discussion platform. | 4.3 |
| 2022-09-29 | CVE-2022-36066 | Unrestricted Upload of File with Dangerous Type vulnerability in Discourse Discourse is an open source discussion platform. | 7.2 |
| 2022-09-29 | CVE-2022-36068 | Missing Authorization vulnerability in Discourse Discourse is an open source discussion platform. | 4.3 |
| 2022-09-29 | CVE-2022-39226 | Allocation of Resources Without Limits or Throttling vulnerability in Discourse Discourse is an open source discussion platform. | 4.3 |
| 2022-09-02 | CVE-2022-37458 | Unspecified vulnerability in Discourse Discourse through 2.8.7 allows admins to send invitations to arbitrary email addresses at an unlimited rate. | 7.2 |
| 2022-06-27 | CVE-2022-31096 | Improper Preservation of Permissions vulnerability in Discourse Discourse is an open source discussion platform. | 2.1 |