4 matches found
CVE-2021-39161
Discourse is an open source platform for community discussion. In affected versions category names can be used for Cross-site scriptingXSS attacks. This is mitigated by Discourse's default Content Security Policy and this vulnerability only affects sites which have modified or disabled or changed...
CVE-2021-39161 Cross-site scripting via category name in Discourse
Discourse is an open source platform for community discussion. In affected versions category names can be used for Cross-site scriptingXSS attacks. This is mitigated by Discourse's default Content Security Policy and this vulnerability only affects sites which have modified or disabled or changed...
Discourse 2.7.8 Security Update
Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...
Discourse 2.8.0.beta4 Security Update
A new Discourse update includes two security fixes. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse";...