Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
DiscourseDiscourse-chat*

3 matches found

CVE
CVEadded 2022/06/21 7:15 p.m.56 views

CVE-2022-31095

discourse-chat is a chat plugin for the Discourse application. Versions prior to 0.4 are vulnerable to an exposure of sensitive information, where an attacker who knows the message ID for a channel they do not have access to can view that message using the chat message lookup endpoint, primarily af...

6.5CVSS5.3AI score0.00196EPSS
CVE
CVEadded 2022/09/06 8:15 p.m.45 views

CVE-2022-36057

Discourse-Chat is an asynchronous messaging plugin for the Discourse open-source discussion platform. Users of Discourse Chat can be affected by admin users inserting HTML into chat titles and descriptions, causing a Cross-Site Scripting (XSS) attack. Version 0.9 contains a patch for this issue.

5.4CVSS5AI score0.00067EPSS
CVE
CVEadded 2022/10/06 8:15 p.m.36 views

CVE-2022-39279

discourse-chat is a plugin for the Discourse message board which adds chat functionality. In versions prior to 0.9 some places render a chat channel's name and description in an unsafe way, allowing staff members to cause an cross site scripting (XSS) attack by inserting unsafe HTML into them. Vers...

5.4CVSS4.8AI score0.00054EPSS