10 matches found
PT-2026-48988
Name of the Vulnerable Software and Affected Versions Discourse versions 2026.1.0 through 2026.1.3 Discourse versions 2026.3.0 Discourse versions 2026.4.0 Description When the SiteSetting.tags listed by group setting is enabled, the DetailedTagSerializertag group names function returns all tag...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation errors. This vulnerability stemmed from insufficient validation of untrusted inputs during the tag group synchronization process. It could allow...
EUVD-2024-36564
Malicious code in bioql PyPI...
CVE-2021-43792
Discourse is an open source discussion platform. In affected versions a vulnerability affects users of tag groups who use the "Tags are visible only to the following groups" feature. A tag group may only allow a certain group e.g. staff to view certain tags. Users who were tracking or watching th...
BIT-DISCOURSE-2024-37299 Discourse vulnerable to DoS via Tag Group
Discourse is an open source discussion platform. Prior to 3.2.5 and 3.3.0.beta5, crafting requests to submit very long tag group names can reduce the availability of a Discourse instance. This vulnerability is fixed in 3.2.5 and 3.3.0.beta5...
CVE-2024-37299 Discourse vulnerable to DoS via Tag Group
Discourse is an open source discussion platform. Prior to 3.2.5 and 3.3.0.beta5, crafting requests to submit very long tag group names can reduce the availability of a Discourse instance. This vulnerability is fixed in 3.2.5 and 3.3.0.beta5...
CVE-2024-37299 Discourse vulnerable to DoS via Tag Group
Discourse is an open source discussion platform. Prior to 3.2.5 and 3.3.0.beta5, crafting requests to submit very long tag group names can reduce the availability of a Discourse instance. This vulnerability is fixed in 3.2.5 and 3.3.0.beta5...
CVE-2024-37299
Discourse (open source forum platform) is vulnerable to DoS via crafting very long tag group names. Affects versions prior to 3.2.5 and 3.3.0.beta5; the issue reduces availability of a Discourse instance. Remediation: upgrade to 3.2.5 or 3.3.0.beta5 (fixed in those releases). Public details in th...
Discourse 安全漏洞
Discourse is an open source community discussion platform from Discourse Open Source. The platform includes community, email, and chat room features. A security vulnerability exists in Discourse that stems from the fact that writing requests that submit very long tag group names may reduce the...
CVE-2017-12199
The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has SQL injection with these wp-admin/admin-ajax.php POST actions: catalogueupdateorder list-item, videoupdateorder video-item, imageupdateorder list-item, taggroupupdateorder listitem, categoryproductsupdateorder...