Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/08/21 5:29 p.m.13 views

CVE-2025-54411

Discourse is an open-source discussion platform. Welcome banner user name string for logged in users can be vulnerable to XSS attacks, which affect the user themselves or an admin impersonating them. Admins can temporarily alter the welcomebanner.header.loggedinmembers site text to remove the...

5.4CVSS6AI score0.00187EPSS
Exploits0References1
OSV
OSV
added 2025/08/21 9:26 a.m.4 views

BIT-DISCOURSE-2025-54411 Discourse welcome banner user name XSS

Discourse is an open-source discussion platform. Welcome banner user name string for logged in users can be vulnerable to XSS attacks, which affect the user themselves or an admin impersonating them. Admins can temporarily alter the welcomebanner.header.loggedinmembers site text to remove the...

5.4CVSS5.9AI score0.00187EPSS
Exploits0References3
NVD
NVD
added 2025/08/19 5:15 p.m.10 views

CVE-2025-54411

Discourse is an open-source discussion platform. Welcome banner user name string for logged in users can be vulnerable to XSS attacks, which affect the user themselves or an admin impersonating them. Admins can temporarily alter the welcomebanner.header.loggedinmembers site text to remove the...

5.4CVSS0.00187EPSS
Exploits0References2
CVE
CVE
added 2025/08/19 4:41 p.m.27 views

CVE-2025-54411

CVE-2025-54411 affects Discourse prior to 3.5.0.beta8, where the welcome_banner.header.logged_in_members and the logged-in user name string can cause cross-site scripting (XSS). The underlying issue is in the welcome banner user name string, enabling XSS that may impact the user or allow an admin...

5.4CVSS6AI score0.00187EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/19 4:41 p.m.4 views

CVE-2025-54411 Discourse welcome banner user name XSS

Discourse is an open-source discussion platform. Welcome banner user name string for logged in users can be vulnerable to XSS attacks, which affect the user themselves or an admin impersonating them. Admins can temporarily alter the welcomebanner.header.loggedinmembers site text to remove the...

2.4CVSS6AI score0.00187EPSS
Exploits0References2
OSV
OSV
added 2025/08/19 4:41 p.m.6 views

CVE-2025-54411 Discourse welcome banner user name XSS

Discourse is an open-source discussion platform. Welcome banner user name string for logged in users can be vulnerable to XSS attacks, which affect the user themselves or an admin impersonating them. Admins can temporarily alter the welcomebanner.header.loggedinmembers site text to remove the...

2.4CVSS6AI score0.00187EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/19 12:0 a.m.7 views

PT-2025-33751 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.5.0.beta8 Description: Discourse, an open-source discussion platform, contains a cross-site scripting XSS issue in the welcome banner user name string for logged-in users. This can affect the user or an...

2.4CVSS6AI score0.00187EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/08/19 12:0 a.m.5 views

Discourse 跨站脚本漏洞

Discourse is an open source community discussion platform from Discourse Open Source. The platform includes community, email, and chat room features. Discourse suffers from a cross-site scripting vulnerability that stems from a cross-site scripting attack in which an unescaped username string is...

5.4CVSS6.2AI score0.00187EPSS
Exploits0References4
exploitpack
exploitpack
added 2003/09/08 12:0 a.m.5 views

FTP Desktop 3.5 - Banner Parsing Buffer Overflow

FTP Desktop 3.5 - Banner Parsing Buffer Overflow source: https://www.securityfocus.com/bid/8559/info A buffer overflow vulnerability has been reported in FTP Desktop. The vulnerability occurs when FTP Desktop is parsing 'Welcome' banner 220 messages from remote FTP servers. When FTP Desktop...

1AI score
Exploits0
Rows per page
Query Builder