CVSS: 5.3EPSS: 0%CPEs: 10EXPL: 0CVE-2022-39378 – Displaying user badges can leak topic titles to users that have no access to the topic
https://notcve.org/view.php?id=CVE-2022-39378
02 Nov 2022 — Discourse is a platform for community discussion. Under certain conditions, a user badge may have been awarded based on a user's activity in a topic with restricted access. Before this vulnerability was disclosed, the topic title of the topic associated with the user badge may be viewed by any user. If there are sensitive information in the topic title, it will therefore have been exposed. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. • https://github.com/discourse/discourse/security/advisories/GHSA-2gvq-27h6-4h5f • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-39232 – Discourse vulnerable to incomplete quote causing a topic to crash in the browser
https://notcve.org/view.php?id=CVE-2022-39232
29 Sep 2022 — Discourse is an open source discussion platform. Starting with version 2.9.0.beta5 and prior to version 2.9.0.beta10, an incomplete quote can generate a JavaScript error which will crash the current page in the browser in some cases. Version 2.9.0.beta10 added a fix and tests to ensure incomplete quotes won't break the app. As a workaround, the quote can be fixed via the rails console. Discourse es una plataforma de debate de código abierto. • https://github.com/discourse/discourse/commit/eab33af5bf19827527fe79134d865b5c727f6530 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2022-39226 – Discourse user profile location and website fields were not sufficiently length-limited
https://notcve.org/view.php?id=CVE-2022-39226
29 Sep 2022 — Discourse is an open source discussion platform. In versions prior to 2.8.9 on the `stable` branch and prior to 2.9.0.beta10 on the `beta` and `tests-passed` branches, a malicious actor can add large payloads of text into the Location and Website fields of a user profile, which causes issues for other users when loading that profile. A fix to limit the length of user input for these fields is included in version 2.8.9 on the `stable` branch and version 2.9.0.beta10 on the `beta` and `tests-passed` branches.... • https://github.com/discourse/discourse/commit/e69f7d2fd9c977dedbdb17f6813651e2a45bfb71 • CWE-20: Improper Input Validation CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.2EPSS: 0%CPEs: 10EXPL: 0CVE-2022-36068 – Discourse moderators can edit themes via the API
https://notcve.org/view.php?id=CVE-2022-36068
29 Sep 2022 — Discourse is an open source discussion platform. In versions prior to 2.8.9 on the `stable` branch and prior to 2.9.0.beta10 on the `beta` and `tests-passed` branches, a moderator can create new and edit existing themes by using the API when they should not be able to do so. The problem is patched in version 2.8.9 on the `stable` branch and version 2.9.0.beta10 on the `beta` and `tests-passed` branches. There are no known workarounds. Discourse es una plataforma de debate de código abierto. • https://github.com/discourse/discourse/commit/ae1e536e83940d58f1c79b835c75c249121c46b6 • CWE-862: Missing Authorization •
CVSS: 9.1EPSS: 1%CPEs: 10EXPL: 0CVE-2022-36066 – Discourse vulnerable to RCE via admins uploading maliciously zipped file
https://notcve.org/view.php?id=CVE-2022-36066
29 Sep 2022 — Discourse is an open source discussion platform. In versions prior to 2.8.9 on the `stable` branch and prior to 2.9.0.beta10 on the `beta` and `tests-passed` branches, admins can upload a maliciously crafted Zip or Gzip Tar archive to write files at arbitrary locations and trigger remote code execution. The problem is patched in version 2.8.9 on the `stable` branch and version 2.9.0.beta10 on the `beta` and `tests-passed` branches. There are no known workarounds. Discourse es una plataforma de debate de cód... • https://github.com/discourse/discourse/commit/b27d5626d208a22c516a0adfda7554b67b493835 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-37458
https://notcve.org/view.php?id=CVE-2022-37458
02 Sep 2022 — Discourse through 2.8.7 allows admins to send invitations to arbitrary email addresses at an unlimited rate. Discourse versiones hasta 2.8.7, permite a administradores enviar invitaciones a direcciones de correo electrónico arbitrarias a un ritmo ilimitado • https://github.com/discourse/discourse/security/advisories/GHSA-q2rg-m477-8wg7 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-31184 – Email activation route can be abused by spammers in Discourse
https://notcve.org/view.php?id=CVE-2022-31184
01 Aug 2022 — Discourse is the an open source discussion platform. In affected versions an email activation route can be abused to send mass spam emails. A fix has been included in the latest stable, beta and tests-passed versions of Discourse which rate limits emails. Users are advised to upgrade. Users unable to upgrade should manually rate limit email. • https://github.com/discourse/discourse/commit/af1cb735db7fb73217b85d22dbadd1bc824ac0b0 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-31182 – Cache poisoning via maliciously-formed request in Discourse
https://notcve.org/view.php?id=CVE-2022-31182
01 Aug 2022 — Discourse is the an open source discussion platform. In affected versions a maliciously crafted request for static assets could cause error responses to be cached by Discourse's default NGINX proxy configuration. A corrected NGINX configuration is included in the latest stable, beta and tests-passed versions of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/discourse/discourse/commit/7af25544c3940c4d046c51f4cfac9c72a06d4f50 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.7EPSS: 0%CPEs: 6EXPL: 0CVE-2022-31096 – Invites restricted to an email or invite links restricted to an email domain may be bypassed by a under certain conditions in Discourse
https://notcve.org/view.php?id=CVE-2022-31096
27 Jun 2022 — Discourse is an open source discussion platform. Under certain conditions, a logged in user can redeem an invite with an email that either doesn't match the invite's email or does not adhere to the email domain restriction of an invite link. The impact of this flaw is aggravated when the invite has been configured to add the user that accepts the invite into restricted groups. Once a user has been incorrectly added to a restricted group, the user may then be able to view content which that are restricted to... • https://github.com/discourse/discourse/security/advisories/GHSA-rvp8-459h-282r • CWE-281: Improper Preservation of Permissions •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2022-31060 – Banner topic data is exposed on login-required Discourse sites
https://notcve.org/view.php?id=CVE-2022-31060
14 Jun 2022 — Discourse is an open-source discussion platform. Prior to version 2.8.4 in the `stable` branch and version `2.9.0.beta5` in the `beta` and `tests-passed` branches, banner topic data is exposed on login-required sites. This issue is patched in version 2.8.4 in the `stable` branch and version `2.9.0.beta5` in the `beta` and `tests-passed` branches of Discourse. As a workaround, one may disable banners. Discourse es una plataforma de discusión de código abierto. • https://github.com/discourse/discourse/commit/ae6a9079436fb9b20fd051d25fb6d8027f0ec59a • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •