Vulnerabilities > Discourse > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-02 | CVE-2022-39241 | Server-Side Request Forgery (SSRF) vulnerability in Discourse Discourse is a platform for community discussion. | 4.9 |
| 2022-11-02 | CVE-2022-39378 | Unspecified vulnerability in Discourse Discourse is a platform for community discussion. | 5.3 |
| 2022-10-06 | CVE-2022-39279 | Cross-site Scripting vulnerability in Discourse Discourse-Chat 0.3/0.4 discourse-chat is a plugin for the Discourse message board which adds chat functionality. | 5.4 |
| 2022-10-06 | CVE-2022-39270 | Cross-site Scripting vulnerability in Discourse Discotoc DiscoTOC is a Discourse theme component that generates a table of contents for topics. | 5.4 |
| 2022-09-29 | CVE-2022-39232 | Unspecified vulnerability in Discourse 2.9.0 Discourse is an open source discussion platform. | 4.3 |
| 2022-09-29 | CVE-2022-36068 | Missing Authorization vulnerability in Discourse Discourse is an open source discussion platform. | 4.3 |
| 2022-09-29 | CVE-2022-39226 | Allocation of Resources Without Limits or Throttling vulnerability in Discourse Discourse is an open source discussion platform. | 4.3 |
| 2022-09-06 | CVE-2022-36057 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Discourse Discourse-Chat 0.3/0.4 Discourse-Chat is an asynchronous messaging plugin for the Discourse open-source discussion platform. | 4.8 |
| 2022-08-01 | CVE-2022-31182 | Improper Resource Shutdown or Release vulnerability in Discourse Discourse is the an open source discussion platform. | 5.3 |
| 2022-06-27 | CVE-2022-31096 | Improper Preservation of Permissions vulnerability in Discourse Discourse is an open source discussion platform. | 5.7 |