5 matches found
CVE-2022-39279
discourse-chat is a plugin for the Discourse message board which adds chat functionality. In versions prior to 0.9 some places render a chat channel's name and description in an unsafe way, allowing staff members to cause an cross site scripting XSS attack by inserting unsafe HTML into them...
CVE-2022-39279
creationtimestamp| type| source ---|---|--- 2022-10-07 00:16:43+00:00| seen| https://t.me/cibsecurity/50935...
CVE-2022-39279
discourse-chat is a plugin for the Discourse message board which adds chat functionality. In versions prior to 0.9 some places render a chat channel's name and description in an unsafe way, allowing staff members to cause an cross site scripting XSS attack by inserting unsafe HTML into them...
CVE-2022-39279
The CVE concerns the discourse-chat plugin for Discourse, where versions prior to 0.9 render a chat channel name and description insecurely, enabling cross-site scripting by inserting unsafe HTML. The fixed version is 0.9; users are advised to upgrade. No additional exploit details or workaround ...
CVE-2022-39279 Discourse-chat plugin susceptible to XSS in channel name and description
discourse-chat is a plugin for the Discourse message board which adds chat functionality. In versions prior to 0.9 some places render a chat channel's name and description in an unsafe way, allowing staff members to cause an cross site scripting XSS attack by inserting unsafe HTML into them...