| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-24824 | Anonymous user cache poisoning in discourse | discourse | discourse | Medium | 5.3 | 2022-04-14 21:15:14 | Deep Dive |
| CVE-2022-24804 | Private group name exposure in discourse | discourse | discourse | Medium | 5.3 | 2022-04-11 19:16:17 | Deep Dive |
| CVE-2022-24782 | Secure category names leaked via user activity export in Discourse | discourse | discourse | Medium | 4.3 | 2022-03-24 20:35:10 | Deep Dive |
| CVE-2022-23641 | Denial of Service in Discourse | discourse | discourse | Medium | 6.5 | 2022-02-15 20:15:11 | Deep Dive |
| CVE-2022-21677 | Group advanced search option may leak group and group's members visibility | discourse | discourse | Medium | 4.3 | 2022-01-14 16:45:17 | Deep Dive |
| CVE-2022-21684 | User can bypass approval when invited to Discourse | discourse | discourse | Medium | 4.3 | 2022-01-13 21:05:11 | Deep Dive |
| CVE-2022-21678 | User's bio visible even if profile is restricted in Discourse | discourse | discourse | Medium | 4.3 | 2022-01-13 17:30:12 | Deep Dive |
| CVE-2022-21642 | Exposure of whisper participants in discourse | discourse | discourse | Medium | 4.3 | 2022-01-05 19:05:10 | Deep Dive |
| CVE-2021-43850 | Denial of Service in discourse | discourse | discourse | Medium | 6.8 | 2022-01-04 19:35:11 | Deep Dive |
| CVE-2021-43840 | Path traversal in message_bus | discourse | message_bus | Medium | 4.4 | 2021-12-17 18:15:11 | Deep Dive |
| CVE-2021-43827 | Inline footnotes wrapped in <a> tags can cause errors in discourse-footnotes | discourse | discourse-footnote | Medium | 4.3 | 2021-12-14 22:20:09 | Deep Dive |
| CVE-2021-43793 | Bypass of Poll voting limits in Discourse | discourse | discourse | Medium | 4.3 | 2021-12-01 19:40:15 | Deep Dive |
| CVE-2021-43794 | Anonymous user cache poisoning via development-mode header in Discourse | discourse | discourse | Medium | 5.3 | 2021-12-01 19:40:10 | Deep Dive |
| CVE-2021-43792 | Notifications leak in Discourse | discourse | discourse | Medium | 4.3 | 2021-12-01 19:35:17 | Deep Dive |
| CVE-2021-41271 | Cache poisoning via maliciously-formed request in discourse | discourse | discourse | Medium | 4.8 | 2021-11-15 21:20:11 | Deep Dive |
| CVE-2021-41263 | Secure/signed cookies share secrets between sites in rails_multisite | discourse | rails_multisite | High | 8.3 | 2021-11-15 20:10:11 | Deep Dive |
| CVE-2021-41163 | RCE via malicious SNS subscription payload | discourse | discourse | Critical | 10.0 | 2021-10-20 22:30:14 | Deep Dive |
| CVE-2021-41140 | Reactions leak for secure category topics and private messages | discourse | discourse-reactions | Medium | 5.3 | 2021-10-19 18:05:11 | Deep Dive |
| CVE-2021-41095 | XSS via blocked watched word in error message | discourse | discourse | Medium | 4.2 | 2021-09-27 19:30:11 | Deep Dive |
| CVE-2021-41082 | Private message title and participating users leaked in discourse | discourse | discourse | High | 7.5 | 2021-09-20 20:20:11 | Deep Dive |