Vulnerabilities > Discourse > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-05 | CVE-2022-23549 | Unspecified vulnerability in Discourse Discourse is an option source discussion platform. | 6.5 |
| 2023-01-04 | CVE-2022-46180 | Cross-site Scripting vulnerability in Discourse Mermaid Discourse Mermaid (discourse-mermaid-theme-component) allows users of Discourse, open-source forum software, to create graphs using the Mermaid syntax. | 5.4 |
| 2022-12-02 | CVE-2022-46159 | Allocation of Resources Without Limits or Throttling vulnerability in Discourse 0.9.2/2.9.0 Discourse is an open-source discussion platform. | 4.3 |
| 2022-11-29 | CVE-2022-46150 | Information Exposure vulnerability in Discourse Discourse is an open-source discussion platform. | 4.3 |
| 2022-11-29 | CVE-2022-46148 | Cross-site Scripting vulnerability in Discourse Discourse is an open-source messaging platform. | 5.4 |
| 2022-11-28 | CVE-2022-41921 | Allocation of Resources Without Limits or Throttling vulnerability in Discourse Discourse is an open-source discussion platform. | 4.3 |
| 2022-11-28 | CVE-2022-41944 | Incorrect Authorization vulnerability in Discourse Discourse is an open-source discussion platform. | 4.3 |
| 2022-11-14 | CVE-2022-39385 | Incorrect Authorization vulnerability in Discourse Discourse is the an open source discussion platform. | 6.5 |
| 2022-11-14 | CVE-2022-41913 | Unspecified vulnerability in Discourse Calendar 0.2 Discourse-calendar is a plugin for the Discourse messaging platform which adds the ability to create a dynamic calendar in the first post of a topic. | 5.4 |
| 2022-11-02 | CVE-2022-39241 | Server-Side Request Forgery (SSRF) vulnerability in Discourse Discourse is a platform for community discussion. | 4.9 |