
CVSS: 5.4 | EPSS: 0% | CPEs: 5 | EXPL: 0

Discourse is an open source platform for community discussion. In affected versions, category names can be used for cross-site scripting (XSS) attacks. This is mitigated by Discourse's default Content Security Policy; the vulnerability only affects sites that have modified or disabled Discourse's default Content Security Policy and have allowed moderators to modify categories. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to ensure that the Content Security Policy is enabled and has not been modified in a way that would make it more vulnerable to XSS attacks. • https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3 | EPSS: 0% | CPEs: 5 | EXPL: 0

Discourse is an open-source platform for community discussion. In Discourse before versions 2.7.8 and 2.8.0.beta5, a user's read state for a topic (such as the last read post number and the notification level) is exposed. • https://github.com/discourse/discourse/commit/aed65ec16d38886d7be7209d8c02df4ffd4937a4 https://github.com/discourse/discourse/security/advisories/GHSA-gq2h-qhg2-phf9 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5 | EPSS: 0% | CPEs: 4 | EXPL: 0

Discourse is an open-source platform for community discussion. In Discourse before versions 2.7.8 and 2.8.0.beta4, when adding additional email addresses to an existing account on a Discourse site, an email token is generated as part of the email verification process. Deleting the additional email address does not invalidate an unused token, which can then be used in other contexts, including resetting a password. • https://github.com/discourse/discourse/commit/fb14e50741a4880cda22244eded8858e2f5336ef https://github.com/discourse/discourse/security/advisories/GHSA-9377-96f4-cww4 • CWE-613: Insufficient Session Expiration; CWE-640: Weak Password Recovery Mechanism for Forgotten Password •

CVSS: 7.4 | EPSS: 0% | CPEs: 3 | EXPL: 0

Discourse is an open source discussion platform. In versions prior to 2.7.8, rendering of d-popover tooltips can be susceptible to XSS attacks. This vulnerability only affects sites that have modified or disabled Discourse's default Content Security Policy. This issue is patched in the latest `stable` 2.7.8 version of Discourse. As a workaround, users may ensure that the Content Security Policy is enabled and has not been modified in a way that would make it more vulnerable to XSS attacks. • https://github.com/discourse/discourse/commit/38199424bc840d2ef002cd1e9bffdbb99191eb47 https://github.com/discourse/discourse/security/advisories/GHSA-v3v8-3m5w-pjp9 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3 | EPSS: 0% | CPEs: 1 | EXPL: 0

Discourse is an open source discussion platform. In versions prior to 2.7.7 there are two bugs that led to the creator of a whisper post being revealed to non-staff users. 1: A staff user who creates a whisper post in a personal message is revealed to the non-staff participants of that personal message, even though they cannot see the whisper post. 2: When a whisper post precedes the last post in a post stream, deleting the last post results in the creator of the whisper post being revealed to non-staff users as the last poster of the topic. • https://github.com/discourse/discourse/commit/680024f9071b7696e5a444a58791016c6dc1f1e5 https://github.com/discourse/discourse/commit/dbdf61196d9e964e8823793d2e7f856595fea4d9 https://github.com/discourse/discourse/security/advisories/GHSA-v6xg-q577-vc92 • CWE-668: Exposure of Resource to Wrong Sphere •