CVE-2021-41263 – Secure/signed cookies share secrets between sites in rails_multisite
https://notcve.org/view.php?id=CVE-2021-41263
rails_multisite provides multi-db support for Rails applications. In affected versions this vulnerability impacts any Rails application using `rails_multisite` alongside Rails' signed/encrypted cookies. Depending on how the application makes use of these cookies, it may be possible for an attacker to re-use cookies on different 'sites' within a multi-site Rails application. The issue has been patched in v4 of the `rails_multisite` gem. Note that this upgrade will invalidate all previous signed/encrypted cookies.
• References: https://github.com/discourse/rails_multisite/commit/c6785cdb5c9277dd2c5ac8d55180dd1ece440ed0 https://github.com/discourse/rails_multisite/security/advisories/GHSA-844m-cpr9-jcmh
• Weaknesses: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor; CWE-327: Use of a Broken or Risky Cryptographic Algorithm; CWE-565: Reliance on Cookies without Validation and Integrity Checking
CVE-2021-41163 – RCE via malicious SNS subscription payload
https://notcve.org/view.php?id=CVE-2021-41163
Discourse is an open source platform for community discussion. In affected versions maliciously crafted requests could lead to remote code execution. This resulted from a lack of validation of subscribe_url values. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. To work around the issue without updating, requests with a path starting with /webhooks/aws could be blocked at an upstream proxy.
• References: https://github.com/discourse/discourse/commit/fa3c46cf079d28b086fe1025349bb00223a5d5e9 https://github.com/discourse/discourse/security/advisories/GHSA-jcjx-pvpc-qgwq
• Weaknesses: CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2021-41140 – Reactions leak for secure category topics and private messages
https://notcve.org/view.php?id=CVE-2021-41140
Discourse-reactions is a plugin for the Discourse platform that allows users to add their reactions to posts. In affected versions, reactions given by users to secure topics and private messages are visible. This issue is patched in version 0.2 of discourse-reactions. Users who are unable to update are advised to disable the Discourse-reactions plugin in the admin panel.
• References: https://github.com/discourse/discourse-reactions/commit/213d90b82fd15c4186ebc290fee18817d9727d0d https://github.com/discourse/discourse-reactions/security/advisories/GHSA-9358-hwg5-jrmh
• Weaknesses: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor; CWE-668: Exposure of Resource to Wrong Sphere
CVE-2021-41095 – XSS via blocked watched word in error message
https://notcve.org/view.php?id=CVE-2021-41095
Discourse is an open source discussion platform. There is a cross-site scripting (XSS) vulnerability in versions 2.7.7 and earlier of the `stable` branch, versions 2.8.0.beta6 and earlier of the `beta` branch, and versions 2.8.0.beta6 and earlier of the `tests-passed` branch. Rendering of some error messages that contain user input can be susceptible to XSS attacks. This vulnerability only affects sites which have blocked watched words that contain HTML tags, modified or disabled Discourse's default Content Security Policy. This issue is patched in the latest `stable`, `beta` and `tests-passed` versions of Discourse.
• References: https://github.com/discourse/discourse/pull/14434/commits/40b776b9d39c41d9273d01eecf8fe03aa39fcb59 https://github.com/discourse/discourse/security/advisories/GHSA-qvqx-2h7w-m479
• Weaknesses: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-24327
https://notcve.org/view.php?id=CVE-2020-24327
A Server Side Request Forgery (SSRF) vulnerability exists in Discourse 2.3.2 and 2.6 via the email function. When writing an email in an editor, you can upload pictures from remote websites.
• References: https://github.com/discourse/discourse/pull/10509 https://github.com/purple-WL/Discourse-sending-email-function-exist-Server-side-request-forgery-SSRF-/issues/1
• Weaknesses: CWE-918: Server-Side Request Forgery (SSRF)