Vulnerabilities > Discourse > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-10-07 CVE-2024-43789 Unspecified vulnerability in Discourse
Discourse is an open source platform for community discussion.
network
low complexity
discourse
4.3
2024-10-07 CVE-2024-45297 Unspecified vulnerability in Discourse
Discourse is an open source platform for community discussion.
network
low complexity
discourse
4.3
2024-10-07 CVE-2024-47772 Cross-site Scripting vulnerability in Discourse
Discourse is an open source platform for community discussion.
network
low complexity
discourse CWE-79
6.1
2024-09-12 CVE-2024-45303 Cross-site Scripting vulnerability in Discourse Calendar 0.2
Discourse Calendar plugin adds the ability to create a dynamic calendar in the first post of a topic to Discourse.
network
low complexity
discourse CWE-79
6.1
2024-08-30 CVE-2024-21658 Allocation of Resources Without Limits or Throttling vulnerability in Discourse Calendar 1.0.0/1.0.1
discourse-calendar is a discourse plugin which adds the ability to create a dynamic calendar in the first post of a topic.
network
low complexity
discourse CWE-770
4.3
2024-07-30 CVE-2024-37165 Cross-site Scripting vulnerability in Discourse
Discourse is an open source discussion platform.
network
low complexity
discourse CWE-79
6.1
2024-07-30 CVE-2024-39320 Improper Restriction of Rendered UI Layers or Frames vulnerability in Discourse
Discourse is an open source discussion platform.
network
low complexity
discourse CWE-1021
6.1
2024-07-03 CVE-2024-36122 Unspecified vulnerability in Discourse
Discourse is an open-source discussion platform.
network
low complexity
discourse
4.3
2024-07-03 CVE-2024-37157 Server-Side Request Forgery (SSRF) vulnerability in Discourse
Discourse is an open-source discussion platform.
network
low complexity
discourse CWE-918
5.3
2024-07-03 CVE-2024-35234 Cross-site Scripting vulnerability in Discourse
Discourse is an open-source discussion platform.
network
low complexity
discourse CWE-79
6.1