Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:14 a.m.6 views

CVE-2023-30538

Discourse is an open source platform for community discussion. Due to the improper sanitization of SVG files, an attacker can execute arbitrary JavaScript on the users’ browsers by uploading a crafted SVG file. This issue is patched in the latest stable and tests-passed versions of Discourse. Use...

5.4CVSS7AI score0.00364EPSS
Exploits0References1
CVE
CVE
added 2023/04/18 9:25 p.m.57 views

CVE-2023-30538

CVE-2023-30538 affects the Discourse open source platform. The issue results from improper sanitization of SVG files, allowing an attacker to execute arbitrary JavaScript in users’ browsers when uploading a crafted SVG. The vulnerability is mitigated in the latest stable and tests-passed Discours...

5.4CVSS5.5AI score0.00364EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/18 9:25 p.m.6 views

CVE-2023-30538 Stored Cross-site Scripting via improper sanitization of svg files in Discourse

Discourse is an open source platform for community discussion. Due to the improper sanitization of SVG files, an attacker can execute arbitrary JavaScript on the users’ browsers by uploading a crafted SVG file. This issue is patched in the latest stable and tests-passed versions of Discourse. Use...

5.4CVSS6.9AI score0.00364EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/04/18 9:25 p.m.28 views

CVE-2023-30538 Stored Cross-site Scripting via improper sanitization of svg files in Discourse

Discourse is an open source platform for community discussion. Due to the improper sanitization of SVG files, an attacker can execute arbitrary JavaScript on the users’ browsers by uploading a crafted SVG file. This issue is patched in the latest stable and tests-passed versions of Discourse. Use...

5.4CVSS6AI score0.00364EPSS
Exploits0References1
OSV
OSV
added 2023/04/18 9:25 p.m.22 views

CVE-2023-30538 Stored Cross-site Scripting via improper sanitization of svg files in Discourse

Discourse is an open source platform for community discussion. Due to the improper sanitization of SVG files, an attacker can execute arbitrary JavaScript on the users’ browsers by uploading a crafted SVG file. This issue is patched in the latest stable and tests-passed versions of Discourse. Use...

5.4CVSS5.6AI score0.00364EPSS
Exploits0References3
Rows per page
Query Builder