
Discourse — Vulnerabilities & Security Advisories (265)

Browse all 265 CVE security advisories affecting Discourse. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Discourse is an open-source discussion platform used for community forums, built on Ruby on Rails with an Ember.js front end. The advisories listed below are dominated by authorization and information-disclosure flaws rather than memory-safety or injection bugs: endpoints that look a record up by id without scoping it to what the caller is allowed to see (CWE-862, CWE-863, CWE-285, CWE-639), responses that leak hidden group membership, a user's IP address or restricted metadata (CWE-200, CWE-203), and several stored XSS issues where a user-controlled name, title or description is rendered unescaped (CWE-79). Individual entries cover SSRF through a group SMTP test endpoint (CWE-918), an open redirect through an SSO destination cookie (CWE-601) and self-granted subscription tiers in a plugin (CWE-269). A large share involve official plugins (discourse-ai, discourse-subscriptions, chat, solved, assign, Zendesk), so the installed plugin set is part of the attack surface, and several exploit the gap between "can act on" and "can read" (moderators acting on topics in categories they cannot view, staff changing any user's notification level). The platform ships a Content Security Policy and an automated test suite; the volume of CVEs reflects active development and the scrutiny applied to the codebase rather than a systemic failure. Administrators should follow the advisory feed, update promptly, and keep the plugin set limited to what the site actually needs.

CVE ID | Title | Product | CWE | CVSS | Severity | Published
(AI) marks a CVSS score or severity the site flags as AI-estimated; "-" means no severity is listed.

CVE-2026-34947 | Discourse: Staged user custom fields are exposed on public invite pages | discourse | CWE-200 | 4.3 (AI) | Medium (AI) | 2026-04-03
CVE-2026-27481 | Discourse: Hidden tag visibility bypass on tag routes | discourse | CWE-200 | 5.3 (AI) | Medium (AI) | 2026-04-03
CVE-2026-33415 | Discourse: Improper Access Control in discourse-ai Allows Unauthorized Category Content Exposure | discourse | CWE-284 | 2.7 | - | 2026-03-31
CVE-2026-33300 | Discourse: Hidden group names and access metadata are exposed to moderators through the `category-chatables` endpoint | discourse | CWE-200 | 4.3 | - | 2026-03-31
CVE-2026-33185 | Discourse: Group SMTP test endpoint susceptible to SSRF | discourse | CWE-918 | 4.3 | - | 2026-03-31
CVE-2026-33074 | Discourse: Vulnerability in discourse-subscriptions plugin allowing users to self-grant to higher tier subscriptions | discourse | CWE-269 | 7.1 | - | 2026-03-31
CVE-2026-32951 | Discourse: Authorization bypass in oneboxer via user-controlled category id | discourse | CWE-200 | 4.3 | Medium | 2026-03-31
CVE-2026-32620 | Discourse: Missing post-level authorization allows whisper metadata disclosure | discourse | CWE-200 | 4.3 | - | 2026-03-31
CVE-2026-32619 | Discourse: Insufficient topic visibility check allows unauthorized poll manipulation in private categories | discourse | CWE-285 | 5.4 | - | 2026-03-31
CVE-2026-32618 | Discourse: Unauthorized channel membership inference via excluded_memberships_channel_id | discourse | CWE-200 | 4.3 | Medium | 2026-03-31
CVE-2026-32615 | Discourse: Category group moderators can perform actions on topics in restricted categories without read access | discourse | CWE-285 | 7.1 | - | 2026-03-31
CVE-2026-32607 | Discourse: Stored XSS via unescaped assignee name | discourse | CWE-79 | 5.4 | - | 2026-03-31
CVE-2026-32273 | Discourse: XSS on category description update via API | discourse | CWE-79 | 5.4 | Medium | 2026-03-31
CVE-2026-32243 | Discourse: Stored XSS in discourse-ai shared conversations onebox | discourse | CWE-79 | 5.4 | - | 2026-03-31
CVE-2026-32143 | Discourse: Admin-only report can be exported by moderators | discourse | CWE-200 | 6.5 | - | 2026-03-31
CVE-2026-32113 | Discourse: Open redirect via `sso_destination_url` cookie in `enter` | discourse | CWE-601 | 6.4 | - | 2026-03-31
CVE-2026-33073 | discourse-subscriptions plugin leaking stripe API key in multisite environment | discourse | CWE-200 | 6.5 | - | 2026-03-31
CVE-2026-33428 | Discourse Allows Unauthorized Access to Deleted Posts Index via Group Membership | discourse | CWE-863 | 5.4 | - | 2026-03-20
CVE-2026-33427 | Discourse Authorization Page Displays Unvalidated Redirect Domain | discourse | CWE-862 | 4.3 | - | 2026-03-20
CVE-2026-33426 | Discourse users can edit or synonymize hidden tags they can't see | discourse | CWE-862 | 3.5 | Low | 2026-03-20
CVE-2026-33425 | Discourse has inferable private group membership or existence via exclude_groups parameter | discourse | CWE-203 | 5.3 | - | 2026-03-20
CVE-2026-33424 | PM access granted through invites after access revocation | discourse | CWE-863 | 5.9 | Medium | 2026-03-20
CVE-2026-33423 | Discourse staff can modify any user's group notification level | discourse | CWE-862 | 4.3 | - | 2026-03-20
CVE-2026-33422 | Discourse exposes ip_address of flagged user | discourse | CWE-200 | 3.5 | Low | 2026-03-20
CVE-2026-33411 | Discourse's solved topic stream has potential stored XSS in topic title | discourse | CWE-79 | 5.4 | Medium | 2026-03-20
CVE-2026-33291 | Discourse user can create Zendesk tickets even when it does not have access to topic | discourse | CWE-863 | 4.3 | - | 2026-03-20
CVE-2026-33251 | Discourse has a Hidden Solved topics permission bypass | discourse | CWE-863 | 5.4 | Medium | 2026-03-20
CVE-2026-32114 | Discourse's unscoped status lookups leak restricted metadata | discourse | CWE-639 | 4.3 | - | 2026-03-20
CVE-2026-31869 | Discourse: Composer mentions endpoint leaks hidden group membership through PM `allowed_names` check | discourse | CWE-200 | 4.3 | - | 2026-03-20
CVE-2026-31805 | Discourse has a poll authorization bypass via post_id array parameter | discourse | CWE-863 | 5.3 | Medium | 2026-03-20
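The recurring pattern in the authorization entries above (unscoped status lookups, missing post-level checks, metadata disclosed for records the caller cannot see, and a check applied to an array parameter) comes down to fetching a record by id and answering before asking whether the caller may see it. The Ruby below is an added illustration, not Discourse's own code or the mechanism of any specific advisory: the `Guardian` class, the `Post`/`Category`/`User` structs and the sample data are constructed stand-ins, and the "check only the first id of an array" variant is an assumed shape of the array-parameter bug, not a description of CVE-2026-31805. It puts the unscoped lookup beside a scoped one and shows why a forbidden record should be indistinguishable from a missing one.

```ruby
# Added example (not Discourse code): unscoped vs. scoped record lookup.
# Structs and data are constructed for the example; the real Guardian is richer.
Post     = Struct.new(:id, :category_id, :raw)
Category = Struct.new(:id, :read_restricted, :allowed_group_ids)
User     = Struct.new(:id, :group_ids, :admin)

# Constructed sample data: category 1 is public, category 2 is group-restricted.
CATEGORIES = {
  1 => Category.new(1, false, []),
  2 => Category.new(2, true, [10]),
}.freeze
POSTS = {
  100 => Post.new(100, 1, "public announcement"),
  101 => Post.new(101, 2, "private staff note"),
}.freeze

# Minimal authorization object: a restricted category is visible only to
# admins and to members of one of its allowed groups; anonymous sees nothing.
class Guardian
  def initialize(user)
    @user = user
  end

  def can_see_category?(cat)
    return true unless cat.read_restricted
    return false if @user.nil?
    @user.admin || (@user.group_ids & cat.allowed_group_ids).any?
  end

  def can_see_post?(post)
    can_see_category?(CATEGORIES.fetch(post.category_id))
  end
end

# Vulnerable shape: resolve by id alone and return metadata. Any caller who
# can guess an id learns the category and size of restricted content.
def post_status_unscoped(post_id)
  post = POSTS[post_id]
  return { found: false } if post.nil?
  { found: true, category_id: post.category_id, length: post.raw.length }
end

# Hardened shape: resolve, then run the viewer's check before disclosing
# anything. A forbidden record returns exactly what a missing one returns,
# which also closes the existence-inference channel.
def post_status_scoped(viewer, post_id)
  post = POSTS[post_id]
  return { found: false } if post.nil? || !Guardian.new(viewer).can_see_post?(post)
  { found: true, category_id: post.category_id, length: post.raw.length }
end

# Assumed array-parameter bug shape: authorize the first id, then act on all.
def visible_posts_first_only(viewer, post_ids)
  ids = Array(post_ids)
  first = POSTS[ids.first]
  return [] if first.nil? || !Guardian.new(viewer).can_see_post?(first)
  ids.filter_map { |id| POSTS[id]&.id }
end

# Hardened: authorize every element; unknown and forbidden ids drop out.
def visible_posts_scoped(viewer, post_ids)
  guardian = Guardian.new(viewer)
  Array(post_ids).filter_map { |id| POSTS[id] }
                 .select { |p| guardian.can_see_post?(p) }
                 .map(&:id)
end

if __FILE__ == $PROGRAM_NAME
  outsider = User.new(2, [20], false)
  puts "unscoped: #{post_status_unscoped(101)}"            # leaks category 2
  puts "scoped:   #{post_status_scoped(outsider, 101)}"    # {found: false}
  puts "first-only: #{visible_posts_first_only(outsider, [100, 101])}"
  puts "scoped:     #{visible_posts_scoped(outsider, [100, 101])}"
end
```

When reviewing a controller action, the check to make is whether the record is fetched through a query scoped to the current user (or passed through the guardian) before any attribute of it, including its existence, reaches the response, and whether that check runs per element when the parameter can be an array.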

This page lists every published CVE security advisory associated with Discourse. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.