CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31059 – Discourse Calendar Event names susceptible to Cross-site Scripting
https://notcve.org/view.php?id=CVE-2022-31059
Discourse Calendar is a calendar plugin for Discourse, an open-source messaging app. Prior to version 1.0.1, parsing and rendering of Event names can be susceptible to cross-site scripting (XSS) attacks. This vulnerability only affects sites which have modified or disabled Discourse’s default Content Security Policy. This issue is patched in version 1.0.1 of the Discourse Calendar plugin. As a workaround, ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks. • https://github.com/discourse/discourse-calendar/commit/2719b9e81994e961bf8c4e12b4556dc9777dd62f https://github.com/discourse/discourse-calendar/pull/280 https://github.com/discourse/discourse-calendar/security/advisories/GHSA-c783-x9vm-xxp5 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2022-31025 – Invite bypasses user approval in Discourse
https://notcve.org/view.php?id=CVE-2022-31025
Discourse is an open source platform for community discussion. Prior to version 2.8.4 on the `stable` branch and 2.9.0beta5 on the `beta` and `tests-passed` branches, inviting users on sites that use single sign-on could bypass the `must_approve_users` check and invites by staff are always approved automatically. The issue is patched in Discourse version 2.8.4 on the `stable` branch and version `2.9.0.beta5` on the `beta` and `tests-passed` branches. As a workaround, disable invites or increase `min_trust_level_to_allow_invite` to reduce the attack surface to more trusted users. Discourse es una plataforma de código abierto para el debate comunitario. • https://github.com/discourse/discourse/commit/0fa0094531efc82d9371f90a02aa804b176d59cf https://github.com/discourse/discourse/commit/7c4e2d33fa4b922354c177ffc880a2f2701a91f9 https://github.com/discourse/discourse/pull/16974 https://github.com/discourse/discourse/pull/16984 https://github.com/discourse/discourse/security/advisories/GHSA-x7jh-mx5q-6f9q • CWE-285: Improper Authorization •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-24850 – Category group permissions leaked in Discourse
https://notcve.org/view.php?id=CVE-2022-24850
Discourse is an open source platform for community discussion. A category's group permissions settings can be viewed by anyone that has access to the category. As a result, a normal user is able to see whether a group has read/write permissions in the category even though the information should only be available to the users that can manage a category. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. There are no workarounds for this problem. • https://github.com/discourse/discourse/security/advisories/GHSA-34xr-ff4w-mcpf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-24824 – Anonymous user cache poisoning in discourse
https://notcve.org/view.php?id=CVE-2022-24824
Discourse is an open source platform for community discussion. In affected versions an attacker can poison the cache for anonymous (i.e. not logged in) users, such that the users are shown the crawler view of the site instead of the HTML page. This can lead to a partial denial-of-service. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. There are no known workarounds for this issue. • https://github.com/discourse/discourse/commit/b72b0dac10493d09f4f9eb8f3c3ce7817295e34e https://github.com/discourse/discourse/security/advisories/GHSA-46v9-3jc4-f53w • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-24804 – Private group name exposure in discourse
https://notcve.org/view.php?id=CVE-2022-24804
Discourse is an open source platform for community discussion. In stable versions prior to 2.8.3 and beta versions prior 2.9.0.beta4 erroneously expose groups. When a group with restricted visibility has been used to set the permissions of a category, the name of the group is leaked to any user that is able to see the category. To workaround the problem, a site administrator can remove groups with restricted visibility from any category's permissions setting. Discourse es una plataforma de código abierto para el debate comunitario. • https://github.com/discourse/discourse/commit/0f7b9878ff3207ce20970f0517604793920bb3d2 https://github.com/discourse/discourse/security/advisories/GHSA-v4c9-6m9g-37ff • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-276: Incorrect Default Permissions •