CVE-2022-39270
CVE-2022-39270 affects the DiscoTOC Discourse theme component. The vulnerability arises from lack of escaping/filtering of input data on pages that can create topics in toC-enabled categories, allowing users with topic-creation rights and sufficient trust level to inject arbitrary HTML on the top...