CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-21684 – User can bypass approval when invited to Discourse
https://notcve.org/view.php?id=CVE-2022-21684
13 Jan 2022 — Discourse is an open source discussion platform. Versions prior to 2.7.13 in `stable`, 2.8.0.beta11 in `beta`, and 2.8.0.beta11 in `tests-passed` allow some users to log in to a community before they should be able to do so. A user invited via email to a forum with `must_approve_users` enabled is going to be automatically logged in, bypassing the check that does not allow unapproved users to sign in. They will be able to do everything an approved user can do. If they logout, they cannot log back in. • https://github.com/discourse/discourse/commit/584c6a2e8bc705072b09a9c4b55126d6f8ed4ad2 • CWE-287: Improper Authentication •
CVSS: 4.3EPSS: 0%CPEs: 11EXPL: 0CVE-2022-21678 – User's bio visible even if profile is restricted in Discourse
https://notcve.org/view.php?id=CVE-2022-21678
13 Jan 2022 — Discourse is an open source discussion platform. Prior to version 2.8.0.beta11 in the `tests-passed` branch, version 2.8.0.beta11 in the `beta` branch, and version 2.7.13 in the `stable` branch, the bios of users who made their profiles private were still visible in the `` tags on their users' pages. The problem is patched in `tests-passed` version 2.8.0.beta11, `beta` version 2.8.0.beta11, and `stable` version 2.7.13 of Discourse. Discourse es una plataforma de debate de código abierto. En versiones ... • https://github.com/discourse/discourse/commit/5e2e178fcfb490c37b9f8bb9f737185441b1d6de • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-863: Incorrect Authorization •
CVSS: 4.3EPSS: 0%CPEs: 11EXPL: 0CVE-2022-21642 – Exposure of whisper participants in discourse
https://notcve.org/view.php?id=CVE-2022-21642
05 Jan 2022 — Discourse is an open source platform for community discussion. In affected versions when composing a message from topic the composer user suggestions reveals whisper participants. The issue has been patched in stable version 2.7.13 and beta version 2.8.0.beta11. There is no workaround for this issue and users are advised to upgrade. Discourse es una plataforma de código abierto para la discusión comunitaria. • https://github.com/discourse/discourse/commit/702685b6a06ae45a544fc702027f1e4573d94aaa • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 1CVE-2021-43850 – Denial of Service in discourse
https://notcve.org/view.php?id=CVE-2021-43850
04 Jan 2022 — Discourse is an open source platform for community discussion. In affected versions admins users can trigger a Denial of Service attack via the `/message-bus/_diagnostics` path. The impact of this vulnerability is greater on multisite Discourse instances (where multiple forums are served from a single application server) where any admin user on any of the forums are able to visit the `/message-bus/_diagnostics` path. The problem has been patched. Please upgrade to 2.8.0.beta10 or 2.7.12. • https://github.com/discourse/discourse/commit/7a8ec129fb54f188b2da6588c9d24d3a36eb0d39 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2021-43793 – Bypass of Poll voting limits in Discourse
https://notcve.org/view.php?id=CVE-2021-43793
01 Dec 2021 — Discourse is an open source discussion platform. In affected versions a vulnerability in the Polls feature allowed users to vote multiple times in a single-option poll. The problem is patched in the latest tests-passed, beta and stable versions of Discourse Discourse es una plataforma de debate de código abierto. En las versiones afectadas, una vulnerabilidad en la funcionalidad Polls permitía a usuarios votar varias veces en una encuesta de una sola opción. El problema se ha parcheado en las últimas versio... • https://github.com/discourse/discourse/commit/0c6b9df77bac9c6f7c7e2eadf6fe100064afdeab • CWE-269: Improper Privilege Management •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43794 – Anonymous user cache poisoning via development-mode header in Discourse
https://notcve.org/view.php?id=CVE-2021-43794
01 Dec 2021 — Discourse is an open source discussion platform. In affected versions an attacker can poison the cache for anonymous (i.e. not logged in) users, such that the users are shown a JSON blob instead of the HTML page. This can lead to a partial denial-of-service. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Discourse es una plataforma de debate de código abierto. • https://github.com/discourse/discourse/commit/2da0001965c6d8632d723c46ea5df9f22a1a23f1 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2021-43792 – Notifications leak in Discourse
https://notcve.org/view.php?id=CVE-2021-43792
01 Dec 2021 — Discourse is an open source discussion platform. In affected versions a vulnerability affects users of tag groups who use the "Tags are visible only to the following groups" feature. A tag group may only allow a certain group (e.g. staff) to view certain tags. Users who were tracking or watching the tags via /preferences/tags, then have their staff status revoked will still see notifications related to the tag, but will not see the tag on each topic. This issue has been patched in stable version 2.7.11. • https://github.com/discourse/discourse/commit/cdaf7f4bb3ec268238e4c29a14bb73fad56574b4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2021-41271 – Cache poisoning via maliciously-formed request in discourse
https://notcve.org/view.php?id=CVE-2021-41271
15 Nov 2021 — Discourse is a platform for community discussion. In affected versions a maliciously crafted request could cause an error response to be cached by intermediate proxies. This could cause a loss of confidentiality for some content. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Discourse es una plataforma para el debate comunitario. • https://github.com/discourse/discourse/commit/2da0001965c6d8632d723c46ea5df9f22a1a23f1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 4%CPEs: 7EXPL: 0CVE-2021-41163 – RCE via malicious SNS subscription payload
https://notcve.org/view.php?id=CVE-2021-41163
20 Oct 2021 — Discourse is an open source platform for community discussion. In affected versions maliciously crafted requests could lead to remote code execution. This resulted from a lack of validation in subscribe_url values. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. To workaround the issue without updating, requests with a path starting /webhooks/aws path could be blocked at an upstream proxy. • https://github.com/discourse/discourse/commit/fa3c46cf079d28b086fe1025349bb00223a5d5e9 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2021-41095 – XSS via blocked watched word in error message
https://notcve.org/view.php?id=CVE-2021-41095
27 Sep 2021 — Discourse is an open source discussion platform. There is a cross-site scripting (XSS) vulnerability in versions 2.7.7 and earlier of the `stable` branch, versions 2.8.0.beta6 and earlier of the `beta` branch, and versions 2.8.0.beta6 and earlier of the `tests-passed` branch. Rendering of some error messages that contain user input can be susceptible to XSS attacks. This vulnerability only affects sites which have blocked watched words that contain HTML tags, modified or disabled Discourse's default Content... • https://github.com/discourse/discourse/pull/14434/commits/40b776b9d39c41d9273d01eecf8fe03aa39fcb59 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •