Vulnerabilities > Discourse > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-01-14 CVE-2022-21677 Information Exposure vulnerability in Discourse
Discourse is an open source discussion platform.
network
low complexity
discourse CWE-200
5.3
2022-01-13 CVE-2022-21678 Incorrect Authorization vulnerability in Discourse
Discourse is an open source discussion platform.
network
low complexity
discourse CWE-863
4.3
2022-01-05 CVE-2022-21642 Information Exposure vulnerability in Discourse
Discourse is an open source platform for community discussion.
network
low complexity
discourse CWE-200
4.3
2022-01-04 CVE-2021-43850 Unspecified vulnerability in Discourse
Discourse is an open source platform for community discussion.
network
low complexity
discourse
6.8
2021-12-17 CVE-2021-43840 Unspecified vulnerability in Discourse Message BUS
message_bus is a messaging bus for Ruby processes and web clients.
network
low complexity
discourse
6.5
2021-12-01 CVE-2021-43792 Unspecified vulnerability in Discourse
Discourse is an open source discussion platform.
network
low complexity
discourse
4.3
2021-11-15 CVE-2021-41271 Unspecified vulnerability in Discourse
Discourse is a platform for community discussion.
network
low complexity
discourse
5.3
2021-09-27 CVE-2021-41095 Cross-site Scripting vulnerability in Discourse
Discourse is an open source discussion platform.
network
low complexity
discourse CWE-79
6.1
2021-09-23 CVE-2020-24327 Server-Side Request Forgery (SSRF) vulnerability in Discourse 2.3.2/2.6.0
Server Side Request Forgery (SSRF) vulnerability exists in Discourse 2.3.2 and 2.6 via the email function.
network
low complexity
discourse CWE-918
5.3
2021-08-26 CVE-2021-39161 Cross-site Scripting vulnerability in Discourse
Discourse is an open source platform for community discussion.
network
low complexity
discourse CWE-79
5.4