Lucene search
K

2933 matches found

Nuclei
Nuclei
added 15 hours ago41 views

Discourse OAuth Social Login - Cross-site Scripting

Discourse versions prior to 3.5.0.beta6 contain a stored Cross-Site Scripting XSS vulnerability in the OAuth/social login functionality. The vulnerability is caused by lack of proper content security policy enforcement when processing social login failures,allowing remote attackers to inject and...

8.1CVSS6.2AI score0.0063EPSS
Exploits0References2
Nuclei
Nuclei
added 15 hours ago81 views

Discourse Backup File Disclosure Via Default Nginx Configuration

Discourse is an open source platform for community discussion. This vulnerability only impacts Discourse instances configured to use FileStore--LocalStore which means uploads and backups are stored locally on disk. If an attacker knows the name of the Discourse backup file, the attacker can trick...

7.5CVSS7AI score0.25431EPSS
Exploits0References2
NVD
NVD
added 3 days ago7 views

CVE-2026-59828

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions that should be hidden from regular users could be leaked through visible diffs on adjacent revisions serialized by PostRevisionSerializer. This issue is fixed in versions 2026.6.0,...

5.3CVSS0.00314EPSS
Exploits0References9
NVD
NVD
added 3 days ago6 views

CVE-2026-55424

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, a topic "featured link" was not sufficiently normalized and escaped before being rendered in the topic list, allowing a user who can set a featured link to inject JavaScript when default Content...

7.4CVSS0.00468EPSS
Exploits0References9
NVD
NVD
added 3 days ago5 views

CVE-2026-46413

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, regular users could route direct S3 multipart uploads through ExternalUploadManager into the admin backup store. This issue is fixed in versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5...

6.5CVSS0.00366EPSS
Exploits0References9
NVD
NVD
added 3 days ago6 views

CVE-2026-53961

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, the AWS SES bounce webhook at POST /webhooks/aws verified that SNS messages were signed by Amazon but did not bind them to trusted TopicArn values, allowing any AWS account holder to publish...

6.5CVSS0.00221EPSS
Exploits0References9
NVD
NVD
added 3 days ago6 views

CVE-2026-53962

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, insufficient SVG sanitization in upload and user avatar handling could lead to cross-site scripting when a user visited specific URLs that are not normally part of community browsing. This issue ...

5.4CVSS0.00264EPSS
Exploits0References9
NVD
NVD
added 3 days ago6 views

CVE-2026-49256

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, restricted tag and tag-group names attached to publicly readable categories as allowedtags, allowedtaggroups, or required tag groups could leak to anonymous and unauthorized users through categor...

6.3CVSS0.00384EPSS
Exploits0References5
NVD
NVD
added 3 days ago6 views

CVE-2026-53963

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, a malicious second factor name on an attacker-controlled account was not escaped in the delete confirmation dialog, allowing stored cross-site scripting when an administrator impersonated that...

7.3CVSS0.00392EPSS
Exploits0References9
NVD
NVD
added 3 days ago8 views

CVE-2026-44787

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, the signup flow could allow newly registered users to set primarygroupid and gain whisper-group privileges without legitimate group membership on sites with whispersallowedgroups configured. This...

8.2CVSS0.00309EPSS
Exploits0References9
NVD
NVD
added 3 days ago5 views

CVE-2026-45780

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, EventSerializer could expose invited group names, sample invitees, and attendance statistics to users who could view the topic but were not entitled to view the private event invitee list. This...

5.3CVSS0.00399EPSS
Exploits0References9
NVD
NVD
added 3 days ago10 views

CVE-2026-45788

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, secure uploads could be exposed by pullhotlinkedimages when an attacker knew the secured upload URL and the secureuploads site setting was enabled. This issue is fixed in versions 2026.6.0,...

6.3CVSS0.00466EPSS
Exploits0References9
CVE
CVE
added 3 days ago12 views

CVE-2026-45780

CVE-2026-45780 affects Discourse prior to versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5. The issue arises in EventSerializer, which could expose invited group names, sample invitees, and attendance statistics to users who could view the topic but were not entitled to view the private event ...

5.3CVSS5.9AI score0.00399EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 3 days ago7 views

CVE-2026-45780

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, EventSerializer could expose invited group names, sample invitees, and attendance statistics to users who could view the topic but were not entitled to view the private event invitee list. This...

5.3CVSS5.9AI score0.00399EPSS
Exploits0References10Affected Software1
CVE
CVE
added 3 days ago7 views

CVE-2026-53963

Discourse (open‑source discussion platform) has a stored XSS in the delete confirmation dialog for a malicious second factor name on an attacker‑controlled account. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, this name was not escaped, enabling XSS when an administrator impersonates that...

7.3CVSS5.8AI score0.00392EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 3 days ago5 views

CVE-2026-53963

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, a malicious second factor name on an attacker-controlled account was not escaped in the delete confirmation dialog, allowing stored cross-site scripting when an administrator impersonated that...

7.3CVSS5.8AI score0.00392EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-59828 Discourse: Hidden post revisions leak through adjacent visible diffs

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions that should be hidden from regular users could be leaked through visible diffs on adjacent revisions serialized by PostRevisionSerializer. This issue is fixed in versions 2026.6.0,...

5.3CVSS0.00314EPSS
Exploits0References9
CVE
CVE
added 3 days ago10 views

CVE-2026-59828

CVE-2026-59828 affects the Discourse open‑source discussion platform. Before versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions that should be hidden from regular users could be leaked through visible diffs on adjacent revisions serialized by PostRevisionSerializer. This could di...

5.3CVSS5.9AI score0.00314EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 3 days ago6 views

CVE-2026-59828

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions that should be hidden from regular users could be leaked through visible diffs on adjacent revisions serialized by PostRevisionSerializer. This issue is fixed in versions 2026.6.0,...

5.3CVSS5.9AI score0.00314EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-44787 Discourse: Signup-time primary_group_id assignment grants whisperer access

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, the signup flow could allow newly registered users to set primarygroupid and gain whisper-group privileges without legitimate group membership on sites with whispersallowedgroups configured. This...

8.2CVSS0.00309EPSS
Exploits0References9
Rows per page
Query Builder