CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43827 – Inline footnotes wrapped in <a> tags can cause errors in discourse-footnotes
https://notcve.org/view.php?id=CVE-2021-43827
discourse-footnote is a library providing footnotes for posts in Discourse. ### Impact When posting an inline footnote wrapped in `<a>` tags (e.g. `<a>^[footnote]</a>`, the resulting rendered HTML would include a nested `<a>`, which is stripped by Nokogiri because it is not valid. This then caused a javascript error on topic pages because we were looking for an `<a>` element inside the footnote reference span and getting its ID, and because it did not exist we got a null reference error in javascript. Users are advised to update to version 0.2. As a workaround editing offending posts from the rails console or the database console for self-hosters, or disabling the plugin in the admin panel can mitigate this issue. discourse-footnote es una biblioteca que proporciona notas a pie de página para los mensajes en Discourse. ### Impacto Cuando es publicada una nota al pie de página en línea envuelta en etiquetas "(a)" (por ejemplo, "(a)^[footnote](/a)", el HTML resultante incluye un "(a)" anidado, que es eliminado por Nokogiri porque no es válido. • https://github.com/discourse/discourse-footnote/commit/796617e0131277011207541313522cd1946661ab https://github.com/discourse/discourse-footnote/security/advisories/GHSA-58vr-c56v-qr57 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2021-43793 – Bypass of Poll voting limits in Discourse
https://notcve.org/view.php?id=CVE-2021-43793
Discourse is an open source discussion platform. In affected versions a vulnerability in the Polls feature allowed users to vote multiple times in a single-option poll. The problem is patched in the latest tests-passed, beta and stable versions of Discourse Discourse es una plataforma de debate de código abierto. En las versiones afectadas, una vulnerabilidad en la funcionalidad Polls permitía a usuarios votar varias veces en una encuesta de una sola opción. El problema se ha parcheado en las últimas versiones de Discourse, tanto en fase beta como en versión estable • https://github.com/discourse/discourse/commit/0c6b9df77bac9c6f7c7e2eadf6fe100064afdeab https://github.com/discourse/discourse/commit/1d0faedfbc3a8b77b971dc70d25e30791dbb6e0b https://github.com/discourse/discourse/security/advisories/GHSA-jq7h-44vc-h6qx • CWE-269: Improper Privilege Management •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43794 – Anonymous user cache poisoning via development-mode header in Discourse
https://notcve.org/view.php?id=CVE-2021-43794
Discourse is an open source discussion platform. In affected versions an attacker can poison the cache for anonymous (i.e. not logged in) users, such that the users are shown a JSON blob instead of the HTML page. This can lead to a partial denial-of-service. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Discourse es una plataforma de debate de código abierto. • https://github.com/discourse/discourse/commit/2da0001965c6d8632d723c46ea5df9f22a1a23f1 https://github.com/discourse/discourse/security/advisories/GHSA-249g-pc77-65hp • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2021-43792 – Notifications leak in Discourse
https://notcve.org/view.php?id=CVE-2021-43792
Discourse is an open source discussion platform. In affected versions a vulnerability affects users of tag groups who use the "Tags are visible only to the following groups" feature. A tag group may only allow a certain group (e.g. staff) to view certain tags. Users who were tracking or watching the tags via /preferences/tags, then have their staff status revoked will still see notifications related to the tag, but will not see the tag on each topic. This issue has been patched in stable version 2.7.11. • https://github.com/discourse/discourse/commit/cdaf7f4bb3ec268238e4c29a14bb73fad56574b4 https://github.com/discourse/discourse/security/advisories/GHSA-pq2x-vq37-8522 https://meta.discourse.org/t/non-forum-staff-getting-notifications-for-staff-only-tags/184895 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2021-41271 – Cache poisoning via maliciously-formed request in discourse
https://notcve.org/view.php?id=CVE-2021-41271
Discourse is a platform for community discussion. In affected versions a maliciously crafted request could cause an error response to be cached by intermediate proxies. This could cause a loss of confidentiality for some content. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Discourse es una plataforma para el debate comunitario. • https://github.com/discourse/discourse/commit/2da0001965c6d8632d723c46ea5df9f22a1a23f1 https://github.com/discourse/discourse/security/advisories/GHSA-hf6r-mc9j-hf4p • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •