CVE-2021-32764

Discourse is an open-source discussion platform. In Discourse versions 2.7.5 and prior, parsing and rendering of YouTube Oneboxes can be susceptible to XSS attacks. This vulnerability only affects sites which have modified or disabled Discourse's default Content Security Policy. The issue is...

Design/Logic Flaw

Discourse is an open-source discussion platform. In Discourse versions 2.7.5 and prior, parsing and rendering of YouTube Oneboxes can be susceptible to XSS attacks. This vulnerability only affects sites which have modified or disabled Discourse's default Content Security Policy. The issue is...

PT-2021-19913 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions 2.7.5 and prior Description: Discourse is an open-source discussion platform. The parsing and rendering of YouTube Oneboxes can be susceptible to XSS attacks in versions where the default Content Security Policy has been...

Discourse 跨站脚本漏洞

Discourse is an open source community discussion platform. The platform includes community, email, and chat room features.A cross-site scripting vulnerability exists in Discourse 2.7.5 and prior versions, which stems from the fact that parsing and rendering YouTube Oneboxes may be vulnerable to...