CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-37693 – Re-use of email tokens in Discourse
https://notcve.org/view.php?id=CVE-2021-37693
13 Aug 2021 — Discourse is an open-source platform for community discussion. In Discourse before versions 2.7.8 and 2.8.0.beta4, when adding additional email addresses to an existing account on a Discourse site an email token is generated as part of the email verification process. Deleting the additional email address does not invalidate an unused token which can then be used in other contexts, including reseting a password. Discourse es una plataforma de código abierto para el debate comunitario. En Discourse versiones ... • https://github.com/discourse/discourse/commit/fb14e50741a4880cda22244eded8858e2f5336ef • CWE-613: Insufficient Session Expiration CWE-640: Weak Password Recovery Mechanism for Forgotten Password •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37633 – XSS via d-popover and d-html-popover attribute
https://notcve.org/view.php?id=CVE-2021-37633
09 Aug 2021 — Discourse is an open source discussion platform. In versions prior to 2.7.8 rendering of d-popover tooltips can be susceptible to XSS attacks. This vulnerability only affects sites which have modified or disabled Discourse's default Content Security Policy. This issue is patched in the latest `stable` 2.7.8 version of Discourse. As a workaround users may ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks. • https://github.com/discourse/discourse/commit/38199424bc840d2ef002cd1e9bffdbb99191eb47 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-32788 – Post creator of a whisper post can be revealed to non-staff users in Discourse
https://notcve.org/view.php?id=CVE-2021-32788
27 Jul 2021 — Discourse is an open source discussion platform. In versions prior to 2.7.7 there are two bugs which led to the post creator of a whisper post being revealed to non-staff users. 1: Staff users that creates a whisper post in a personal message is revealed to non-staff participants of the personal message even though the whisper post cannot be seen by them. 2: When a whisper post is before the last post in a post stream, deleting the last post will result in the creator of the whisper post to be revealed to n... • https://github.com/discourse/discourse/commit/680024f9071b7696e5a444a58791016c6dc1f1e5 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-32764 – YouTube Onebox susceptible to XSS
https://notcve.org/view.php?id=CVE-2021-32764
15 Jul 2021 — Discourse is an open-source discussion platform. In Discourse versions 2.7.5 and prior, parsing and rendering of YouTube Oneboxes can be susceptible to XSS attacks. This vulnerability only affects sites which have modified or disabled Discourse's default Content Security Policy. The issue is patched in `stable` version 2.7.6, `beta` version 2.8.0.beta3, and `tests-passed` version 2.8.0.beta3. As a workaround, ensure that the Content Security Policy is enabled, and has not been modified in a way which would ... • https://github.com/discourse/discourse/security/advisories/GHSA-9x4c-29xg-56hw • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 3CVE-2021-3138 – Discourse 2.7.0 2FA Bypass
https://notcve.org/view.php?id=CVE-2021-3138
14 Jan 2021 — In Discourse 2.7.0 through beta1, a rate-limit bypass leads to a bypass of the 2FA requirement for certain forms. En Discourse versiones 2.7.0 hasta beta1, una omisión del límite de velocidad conlleva a una omisión del requisito de 2FA para determinadas formularios Discourse version 2.7.0 suffers from a 2FA bypass via a rate limiting bypass vulnerability. • https://packetstorm.news/files/id/162256 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15515
https://notcve.org/view.php?id=CVE-2019-15515
26 Aug 2019 — Discourse 2.3.2 sends the CSRF token in the query string. Discourse 2.3.2 envía el token CSRF en la cadena de consulta. • https://github.com/discourse/discourse/pull/8026 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-1020018
https://notcve.org/view.php?id=CVE-2019-1020018
29 Jul 2019 — Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmation screen when logging in via an email link. Discourse en versiones anteriores a la 2.3.0 y 2.4.x en versiones anteriores a la 2.4.0.beta3 carece de una pantalla de confirmación cuando se inicia sesión mediante un enlace de correo electrónico. • https://github.com/discourse/discourse/commit/52387be4a44cdeaca5421ee955ba1343e836bade • CWE-287: Improper Authentication •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2019-1020017
https://notcve.org/view.php?id=CVE-2019-1020017
29 Jul 2019 — Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmation screen when logging in via a user-api OTP. Discourse en versiones anteriores a la 2.3.0 y 2.4.x en versiones anteriores a la 2.4.0.beta3, carece de una pantalla de confirmación cuando se inicia sesión mediante un usuario de la api OTP. • https://github.com/discourse/discourse/commit/b8340c6c8e50a71ff1bca9654b9126ca5a84ce9a •