7 matches found
EUVD-2023-51262
Malicious code in bioql PyPI...
CVE-2023-47119
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, some links can inject arbitrary HTML tags when rendered through our Onebox engine. The issue is patched in version 3.1.3 of the...
Exploit for Injection in Discourse
Table of contents: CVE-2023-47119cve...
Design/Logic Flaw
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, some links can inject arbitrary HTML tags when rendered through our Onebox engine. The issue is patched in version 3.1.3 of the...
CVE-2023-47119 HTML injection in oneboxed links
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, some links can inject arbitrary HTML tags when rendered through our Onebox engine. The issue is patched in version 3.1.3 of the...
PT-2023-30322 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.1.3; Discourse version 3.2.0.beta3 and earlier of the beta and tests-passed branches
Description: Discourse is an open source platform for community discussion. The issue allows some links to inject arbitrary HTML...
Discourse Security Breach
Discourse is an open source community discussion platform. The platform includes community, email and chat room features. A security vulnerability exists in Discourse prior to version 3.1.3, which stems from the fact that certain links can be injected with arbitrary HTML tags when rendered by the...