Vulnerabilities > Discourse > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-14 | CVE-2021-43827 | Improper Handling of Exceptional Conditions vulnerability in Discourse Footnote 0.1 discourse-footnote is a library providing footnotes for posts in Discourse. | 4.0 |
| 2021-12-01 | CVE-2021-43793 | Unspecified vulnerability in Discourse Discourse is an open source discussion platform. | 4.0 |
| 2021-12-01 | CVE-2021-43794 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Discourse Discourse is an open source discussion platform. | 5.0 |
| 2021-11-15 | CVE-2021-41271 | Information Exposure vulnerability in Discourse Discourse is a platform for community discussion. | 5.0 |
| 2021-11-15 | CVE-2021-41263 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Discourse Rails Multisite rails_multisite provides multi-db support for Rails applications. | 6.0 |
| 2021-10-19 | CVE-2021-41140 | Information Exposure vulnerability in Discourse Reactions 0.1 Discourse-reactions is a plugin for the Discourse platform that allows user to add their reactions to the post. | 5.0 |
| 2021-09-27 | CVE-2021-41095 | Cross-site Scripting vulnerability in Discourse Discourse is an open source discussion platform. | 6.1 |
| 2021-09-23 | CVE-2020-24327 | Server-Side Request Forgery (SSRF) vulnerability in Discourse 2.3.2/2.6.0 Server Side Request Forgery (SSRF) vulnerability exists in Discourse 2.3.2 and 2.6 via the email function. | 5.0 |
| 2021-09-20 | CVE-2021-41082 | Incorrect Authorization vulnerability in Discourse Discourse is a platform for community discussion. | 5.0 |
| 2021-08-13 | CVE-2021-37693 | Insufficient Session Expiration vulnerability in Discourse Discourse is an open-source platform for community discussion. | 5.0 |