
8 matches found

EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2022-41777

Malicious code in bioql PyPI...

CVSS 5.4 · AI score 5.7 · EPSS 0.00224
Exploits 0 · References 2
RedhatCVE
added 2025/05/22 11:21 p.m. · 1 views

CVE-2022-39270

DiscoTOC is a Discourse theme component that generates a table of contents for topics. Users that can create topics in TOC-enabled categories and have sufficient trust level - configured in component's settings are able to inject arbitrary HTML on that topic's page. The issue has been fixed on th...

CVSS 5.4 · AI score 5.6 · EPSS 0.00224
Exploits 0 · References 1
CNVD
added 2022/10/10 12:0 a.m. · 27 views

Discourse DiscoTOC Cross-Site Scripting Vulnerability

Discourse is an open source community discussion platform. The platform includes community, email, and chat room features. A cross-site scripting vulnerability exists in versions prior to Discourse DiscoTOC 2.1.0, which stems from the lack of escaping and filtering of input data on pages that can...

CVSS 5.4 · AI score 2.2 · EPSS 0.00224
Exploits 0 · References 1
Prion
added 2022/10/06 6:16 p.m. · 11 views

Code injection

DiscoTOC is a Discourse theme component that generates a table of contents for topics. Users that can create topics in TOC-enabled categories and have sufficient trust level - configured in component's settings are able to inject arbitrary HTML on that topic's page. The issue has been fixed on th...

CVSS 4.9 · AI score 5.5 · EPSS 0.00224
Exploits 0 · References 2 · Affected Software 1
CNNVD
added 2022/10/06 12:0 a.m. · 1 views

Discourse Cross-Site Scripting Vulnerability

Discourse is an open source community discussion platform. The platform includes community, email, and chat room features. A cross-site scripting vulnerability exists in versions prior to Discourse DiscoTOC 2.1.0, which stems from the lack of escaping and filtering of input data on pages that can...

CVSS 5.4 · AI score 6.1 · EPSS 0.00224
Exploits 0 · References 3
CVE
added 2022/10/06 12:0 a.m. · 49 views

CVE-2022-39270

CVE-2022-39270 affects the DiscoTOC Discourse theme component. The vulnerability arises from lack of escaping/filtering of input data on pages that can create topics in TOC-enabled categories, allowing users with topic-creation rights and sufficient trust level to inject arbitrary HTML on the top...

CVSS 5.4 · AI score 5.5 · EPSS 0.00224
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2022/10/06 12:0 a.m. · 18 views

CVE-2022-39270 Arbitrary HTML injection in table-of-contents theme component in DiscoTOC

DiscoTOC is a Discourse theme component that generates a table of contents for topics. Users that can create topics in TOC-enabled categories and have sufficient trust level - configured in component's settings are able to inject arbitrary HTML on that topic's page. The issue has been fixed on th...

CVSS 5.4 · AI score 5.7 · EPSS 0.00224
Exploits 0 · References 2
Positive Technologies
added 2022/10/06 12:0 a.m. · 1 views

PT-2022-24858 · Discotoc · Discotoc

Name of the Vulnerable Software and Affected Versions: DiscoTOC versions prior to the fixed version on the main branch
Description: The issue allows users to inject arbitrary HTML on a topic's page if they can create topics in TOC-enabled categories and have a sufficient trust level. The estimate...

CVSS 5.4 · AI score 5.3 · EPSS 0.00224
Exploits 0 · References 6