CRITICAL 9.9 | CVE-2025-68662: FinalDestination hostname matching allows SSRF protection bypass
    Affected versions: from 0, < 3.5.4, >= 2025.11.0, < 2025.11.2, >= 2025.12.0, < 2025.12.1, >= 2026.1.0, < 2026.1.0
    Affected versions: from 0, < 2.7.9
    Affected versions: from 0, < 3.2.0
CRITICAL 9.1 | Bypass of Discourse Connect using other login paths if enabled in Discourse
    Affected versions: from 0, < 3.3.3
HIGH 8.8 | User can bypass approval when invited to Discourse
    Affected versions: from 0, < 2.7.13
HIGH 8.8 | Discourse user account takeover via email and invite link
    Affected versions: from 0, < 2.8.10
HIGH 8.2 | Discourse has a poll authorization bypass via post_id array parameter
    Affected versions: >= 2026.1.0, < 2026.1.2, >= 2026.2.0, < 2026.2.1, >= 2026.3.0, < 2026.3.0
HIGH 8.2 | Anonymous cache poisoning via XHR requests in Discourse
    Affected versions: from 0, < 3.3.2
HIGH 8.2 | Anonymous cache poisoning via request headers in Discourse
    Affected versions: from 0, < 3.3.2
HIGH 8.2 | Bypass of email address validation via encoded email addresses in Discourse
    Affected versions: from 0, < 3.3.2
HIGH 8.2 | Anonymous cache poisoning via XHR requests in Discourse
    Affected versions: from 0, < 3.3.2
HIGH 8.1 | Discourse password reset link can lead to an account takeover if user changes to a new email
    Affected versions: from 0, < 2.8.14
HIGH 8.1 | Discourse's SSRF protection missing for some FastImage requests
    Affected versions: from 0, < 3.1.0
HIGH 7.5 | Discourse has IDOR vulnerability in the directory items endpoint
    Affected versions: from 0, < 2025.12.2, >= 2026.1.0, < 2026.1.1
HIGH 7.5 | Discourse has authentication bypass vulnerability in the Patreon plugin webhook endpoint
    Affected versions: from 0, < 2025.12.2, >= 2026.1.0, < 2026.1.1
HIGH 7.5 | Discourse vulnerable to DoS via Tag Group
    Affected versions: from 0, < 3.2.5
HIGH 7.5 | Discourse vulnerable to DoS through Onebox
    Affected versions: from 0, < 3.2.3
HIGH 7.5 | No rate limits on POST /uploads endpoint in Discourse
    Affected versions: from 0, < 3.2.1
HIGH 7.5 | Disclosure of the existence of secret categories with custom backgrounds in Discourse
    Affected versions: from 0, < 3.2.1
HIGH 7.5 | In Discourse 2.7.0 through beta1, a rate-limit bypass leads to a bypass of the 2FA requirement for certain forms.
    Affected versions: from 0, <= 2.6.0
HIGH 7.5 | Re-use of email tokens in Discourse
    Affected versions: from 0, < 2.7.8
HIGH 7.5 | Email activation route can be abused by spammers in Discourse
    Affected versions: from 0, <= 2.8.6
HIGH 7.5 | Discourse vulnerable to ReDoS in user agent parsing
    Affected versions: from 0, < 3.0.1
HIGH 7.5 | Discourse vulnerable to SSRF protection bypass possible with IPv4-mapped IPv6 addresses
    Affected versions: from 0, < 3.1.0
HIGH 7.5 | Discourse vulnerable to possible DDoS due to unbounded limits in various controller actions
    Affected versions: from 0, < 3.0.6
HIGH 7.5 | Malicious requests can fill up the log files resulting in a denial of service in Discourse
    Affected versions: from 0, <= 3.1.1
HIGH 7.5 | Unauthenticated access to new private chat messages in Discourse
    Affected versions: from 0, <= 3.1.1
HIGH 7.5 | Discourse DoS through Onebox favicon URL
    Affected versions: >= 3.1.0, < 3.1.3
HIGH 7.5 | Discourse vulnerable to unlimited mentioned users in message serializer
    Affected versions: from 0, < 3.1.4
HIGH 7.2 | Discourse vulnerable to RCE via admins uploading maliciously zipped file
    Affected versions: from 0, < 2.8.9
HIGH 7.2 | Discourse through 2.8.7 allows admins to send invitations to arbitrary email addresses at an unlimited rate.
    Affected versions: from 0, < 2.8.8
MEDIUM 6.8 | Denial of Service in Discourse
    Affected versions: from 0, < 2.7.12
MEDIUM 6.8 | Discourse is an open source discussion platform.
    Affected versions:
>= 1.1.0-beta1, <= 1.1.0-beta1, >= 1.1.0-beta2, <= 1.1.0-beta2, >= 1.1.0-beta3, <= 1.1.0-beta3, >= 1.1.0-beta4, <= 1.1.0-beta4, >= 1.1.0-beta5, <= 1.1.0-beta5, >= 1.1.0-beta6, <= 1.1.0-beta6, >= 1.1.0-beta6b, <= 1.1.0-beta6b, >= 1.1.0-beta7, <= 1.1.0-beta7, >= 1.1.0-beta8, <= 1.1.0-beta8, >= 1.2.0-beta1, <= 1.2.0-beta1, >= 1.2.0-beta2, <= 1.2.0-beta2, >= 1.2.0-beta3, <= 1.2.0-beta3, >= 1.2.0-beta4, <= 1.2.0-beta4, >= 1.2.0-beta5, <= 1.2.0-beta5, >= 1.2.0-beta6, <= 1.2.0-beta6, >= 1.2.0-beta7, <= 1.2.0-beta7, >= 1.2.0-beta8, <= 1.2.0-beta8, >= 1.2.0-beta9, <= 1.2.0-beta9, >= 1.3.0-beta1, <= 1.3.0-beta1, >= 1.3.0-beta10, <= 1.3.0-beta10, >= 1.3.0-beta11, <= 1.3.0-beta11, >= 1.3.0-beta2, <= 1.3.0-beta2, >= 1.3.0-beta3, <= 1.3.0-beta3, >= 1.3.0-beta4, <= 1.3.0-beta4, >= 1.3.0-beta5, <= 1.3.0-beta5, >= 1.3.0-beta6, <= 1.3.0-beta6, >= 1.3.0-beta7, <= 1.3.0-beta7, >= 1.3.0-beta8, <= 1.3.0-beta8, >= 1.3.0-beta9, <= 1.3.0-beta9, >= 1.4.0-beta1, <= 1.4.0-beta1, >= 1.4.0-beta10, <= 1.4.0-beta10, >= 1.4.0-beta11, <= 1.4.0-beta11, >= 1.4.0-beta12, <= 1.4.0-beta12, >= 1.4.0-beta2, <= 1.4.0-beta2, >= 1.4.0-beta3, <= 1.4.0-beta3, >= 1.4.0-beta4, <= 1.4.0-beta4, >= 1.4.0-beta5, <= 1.4.0-beta5, >= 1.4.0-beta6, <= 1.4.0-beta6, >= 1.4.0-beta7, <= 1.4.0-beta7, >= 1.4.0-beta8, <= 1.4.0-beta8, >= 1.4.0-beta9, <= 1.4.0-beta9, >= 1.5.0-beta1, <= 1.5.0-beta1, >= 1.5.0-beta10, <= 1.5.0-beta10, >= 1.5.0-beta11, <= 1.5.0-beta11, >= 1.5.0-beta12, <= 1.5.0-beta12, >= 1.5.0-beta13, <= 1.5.0-beta13, >= 1.5.0-beta13b, <= 1.5.0-beta13b, >= 1.5.0-beta14, <= 1.5.0-beta14, >= 1.5.0-beta2, <= 1.5.0-beta2, >= 1.5.0-beta3, <= 1.5.0-beta3, >= 1.5.0-beta4, <= 1.5.0-beta4, >= 1.5.0-beta5, <= 1.5.0-beta5, >= 1.5.0-beta6, <= 1.5.0-beta6, >= 1.5.0-beta7, <= 1.5.0-beta7, >= 1.5.0-beta8, <= 1.5.0-beta8, >= 1.5.0-beta9, <= 1.5.0-beta9, >= 1.6.0-beta1, <= 1.6.0-beta1, >= 1.6.0-beta10, <= 1.6.0-beta10, >= 1.6.0-beta11, <= 1.6.0-beta11, >= 1.6.0-beta12, <= 1.6.0-beta12, >= 1.6.0-beta2, <= 1.6.0-beta2, >= 1.6.0-beta3, 
<= 1.6.0-beta3, >= 1.6.0-beta4, <= 1.6.0-beta4, >= 1.6.0-beta5, <= 1.6.0-beta5, >= 1.6.0-beta6, <= 1.6.0-beta6, >= 1.6.0-beta7, <= 1.6.0-beta7, >= 1.6.0-beta8, <= 1.6.0-beta8, >= 1.6.0-beta9, <= 1.6.0-beta9, >= 1.7.0-beta1, <= 1.7.0-beta1, >= 1.7.0-beta10, <= 1.7.0-beta10, >= 1.7.0-beta11, <= 1.7.0-beta11, >= 1.7.0-beta2, <= 1.7.0-beta2, >= 1.7.0-beta3, <= 1.7.0-beta3, >= 1.7.0-beta4, <= 1.7.0-beta4, >= 1.7.0-beta5, <= 1.7.0-beta5, >= 1.7.0-beta6, <= 1.7.0-beta6, >= 1.7.0-beta7, <= 1.7.0-beta7, >= 1.7.0-beta8, <= 1.7.0-beta8, >= 1.7.0-beta9, <= 1.7.0-beta9, >= 1.8.0-beta1, <= 1.8.0-beta1, >= 1.8.0-beta10, <= 1.8.0-beta10, >= 1.8.0-beta11, <= 1.8.0-beta11, >= 1.8.0-beta12, <= 1.8.0-beta12, >= 1.8.0-beta13, <= 1.8.0-beta13, >= 1.8.0-beta2, <= 1.8.0-beta2, >= 1.8.0-beta3, <= 1.8.0-beta3, >= 1.8.0-beta4, <= 1.8.0-beta4, >= 1.8.0-beta5, <= 1.8.0-beta5, >= 1.8.0-beta6, <= 1.8.0-beta6, >= 1.8.0-beta7, <= 1.8.0-beta7, >= 1.8.0-beta8, <= 1.8.0-beta8, >= 1.8.0-beta9, <= 1.8.0-beta9, >= 1.9.0-beta1, <= 1.9.0-beta1, >= 1.9.0-beta10, <= 1.9.0-beta10, >= 1.9.0-beta11, <= 1.9.0-beta11, >= 1.9.0-beta12, <= 1.9.0-beta12, >= 1.9.0-beta13, <= 1.9.0-beta13, >= 1.9.0-beta14, <= 1.9.0-beta14, >= 1.9.0-beta15, <= 1.9.0-beta15, >= 1.9.0-beta16, <= 1.9.0-beta16, >= 1.9.0-beta17, <= 1.9.0-beta17, >= 1.9.0-beta2, <= 1.9.0-beta2, >= 1.9.0-beta3, <= 1.9.0-beta3, >= 1.9.0-beta4, <= 1.9.0-beta4, >= 1.9.0-beta5, <= 1.9.0-beta5, >= 1.9.0-beta6, <= 1.9.0-beta6, >= 1.9.0-beta7, <= 1.9.0-beta7, >= 1.9.0-beta8, <= 1.9.0-beta8, >= 1.9.0-beta9, <= 1.9.0-beta9, >= 2.0.0-beta1, <= 2.0.0-beta1, >= 2.0.0-beta10, <= 2.0.0-beta10, >= 2.0.0-beta2, <= 2.0.0-beta2, >= 2.0.0-beta3, <= 2.0.0-beta3, >= 2.0.0-beta4, <= 2.0.0-beta4, >= 2.0.0-beta5, <= 2.0.0-beta5, >= 2.0.0-beta6, <= 2.0.0-beta6, >= 2.0.0-beta7, <= 2.0.0-beta7, >= 2.0.0-beta8, <= 2.0.0-beta8, >= 2.0.0-beta9, <= 2.0.0-beta9, >= 2.1.0-beta1, <= 2.1.0-beta1, >= 2.1.0-beta2, <= 2.1.0-beta2, >= 2.1.0-beta3, <= 2.1.0-beta3, >= 2.1.0-beta4, <= 2.1.0-beta4, 
>= 2.1.0-beta5, <= 2.1.0-beta5, >= 2.1.0-beta6, <= 2.1.0-beta6, >= 2.2.0-beta1, <= 2.2.0-beta1, >= 2.2.0-beta10, <= 2.2.0-beta10, >= 2.2.0-beta2, <= 2.2.0-beta2, >= 2.2.0-beta3, <= 2.2.0-beta3, >= 2.2.0-beta4, <= 2.2.0-beta4, >= 2.2.0-beta5, <= 2.2.0-beta5, >= 2.2.0-beta6, <= 2.2.0-beta6, >= 2.2.0-beta7, <= 2.2.0-beta7, >= 2.2.0-beta8, <= 2.2.0-beta8, >= 2.2.0-beta9, <= 2.2.0-beta9, >= 2.3.0-beta1, <= 2.3.0-beta1, >= 2.3.0-beta10, <= 2.3.0-beta10, >= 2.3.0-beta11, <= 2.3.0-beta11, >= 2.3.0-beta2, <= 2.3.0-beta2, >= 2.3.0-beta3, <= 2.3.0-beta3, >= 2.3.0-beta4, <= 2.3.0-beta4, >= 2.3.0-beta5, <= 2.3.0-beta5, >= 2.3.0-beta6, <= 2.3.0-beta6, >= 2.3.0-beta7, <= 2.3.0-beta7, >= 2.3.0-beta8, <= 2.3.0-beta8, >= 2.3.0-beta9, <= 2.3.0-beta9, >= 2.4.0-beta1, <= 2.4.0-beta1, >= 2.4.0-beta10, <= 2.4.0-beta10, >= 2.4.0-beta11, <= 2.4.0-beta11, >= 2.4.0-beta2, <= 2.4.0-beta2, >= 2.4.0-beta3, <= 2.4.0-beta3, >= 2.4.0-beta4, <= 2.4.0-beta4, >= 2.4.0-beta5, <= 2.4.0-beta5, >= 2.4.0-beta6, <= 2.4.0-beta6, >= 2.4.0-beta7, <= 2.4.0-beta7, >= 2.4.0-beta8, <= 2.4.0-beta8, >= 2.4.0-beta9, <= 2.4.0-beta9, >= 2.5.0-beta1, <= 2.5.0-beta1, >= 2.5.0-beta2, <= 2.5.0-beta2, >= 2.5.0-beta3, <= 2.5.0-beta3, >= 2.5.0-beta4, <= 2.5.0-beta4, >= 2.5.0-beta5, <= 2.5.0-beta5, >= 2.5.0-beta6, <= 2.5.0-beta6, >= 2.5.0-beta7, <= 2.5.0-beta7, >= 2.6.0-beta1, <= 2.6.0-beta1, >= 2.6.0-beta2, <= 2.6.0-beta2, >= 2.6.0-beta3, <= 2.6.0-beta3, >= 2.6.0-beta4, <= 2.6.0-beta4, >= 2.6.0-beta5, <= 2.6.0-beta5, >= 2.6.0-beta6, <= 2.6.0-beta6, >= 2.7.0-beta1, <= 2.7.0-beta1, >= 2.7.0-beta2, <= 2.7.0-beta2, >= 2.7.0-beta3, <= 2.7.0-beta3, >= 2.7.0-beta4, <= 2.7.0-beta4, >= 2.7.0-beta5, <= 2.7.0-beta5, >= 2.7.0-beta6, <= 2.7.0-beta6, >= 2.7.0-beta7, <= 2.7.0-beta7, >= 2.7.0-beta8, <= 2.7.0-beta8, >= 2.7.0-beta9, <= 2.7.0-beta9, >= 2.8.0-beta1, <= 2.8.0-beta1, >= 2.8.0-beta10, <= 2.8.0-beta10, >= 2.8.0-beta11, <= 2.8.0-beta11, >= 2.8.0-beta2, <= 2.8.0-beta2, >= 2.8.0-beta3, <= 2.8.0-beta3, >= 2.8.0-beta4, <= 2.8.0-beta4, 
>= 2.8.0-beta5, <= 2.8.0-beta5, >= 2.8.0-beta6, <= 2.8.0-beta6, >= 2.8.0-beta7, <= 2.8.0-beta7, >= 2.8.0-beta8, <= 2.8.0-beta8, >= 2.8.0-beta9, <= 2.8.0-beta9, >= 2.9.0-beta1, <= 2.9.0-beta1, >= 2.9.0-beta10, <= 2.9.0-beta10, >= 2.9.0-beta11, <= 2.9.0-beta11, >= 2.9.0-beta12, <= 2.9.0-beta12, >= 2.9.0-beta13, <= 2.9.0-beta13, >= 2.9.0-beta14, <= 2.9.0-beta14, >= 2.9.0-beta2, <= 2.9.0-beta2, >= 2.9.0-beta3, <= 2.9.0-beta3, >= 2.9.0-beta4, <= 2.9.0-beta4, >= 2.9.0-beta5, <= 2.9.0-beta5, >= 2.9.0-beta6, <= 2.9.0-beta6, >= 2.9.0-beta7, <= 2.9.0-beta7, >= 2.9.0-beta8, <= 2.9.0-beta8, >= 2.9.0-beta9, <= 2.9.0-beta9, >= 3.0.0-beta15, <= 3.0.0-beta15, >= 3.0.0-beta16, <= 3.0.0-beta16, >= 3.1.0-beta1, <= 3.1.0-beta1, >= 3.1.0-beta2, <= 3.1.0-beta2, >= 3.1.0-beta3, <= 3.1.0-beta3, >= 3.1.0-beta5, <= 3.1.0-beta5, >= 3.1.0-beta6, <= 3.1.0-beta6
MEDIUM 6.5 | Discourse filters whisper posts from private-posts feed
    Affected versions: >= 2026.1.0, < 2026.1.2, >= 2026.2.0, < 2026.2.1, >= 2026.3.0, < 2026.3.0
MEDIUM 6.5 | Discourse prevents hidden profile data leak via user onebox
    Affected versions: >= 2026.1.0, < 2026.1.2, >= 2026.2.0, < 2026.2.1, >= 2026.3.0, < 2026.3.0
MEDIUM 6.5 | Discourse doesn't ensure webhooks require a token
    Affected versions: from 0, < 2025.12.2, >= 2026.1.0, < 2026.1.1
MEDIUM 6.5 | Discourse staff action logs expose sensitive information to moderators
    Affected versions: from 0, < 3.5.4, >= 2025.11.0, < 2025.11.2, >= 2025.12.0, < 2025.12.1, >= 2026.1.0, < 2026.1.0
MEDIUM 6.5 | Discourse topic conversion permission vulnerability for moderators
    Affected versions: from 0, < 3.5.4, >= 2025.11.0, < 2025.11.2, >= 2025.12.0, < 2025.12.1, >= 2026.1.0, < 2026.1.0
MEDIUM 6.5 | Discourse Has Denial of Service (DoS) Vulnerability in Drafts Creation Endpoint
    Affected versions: from 0, < 3.5.4, >= 2025.11.0, < 2025.11.2, >= 2025.12.0, < 2026.1.0
MEDIUM 6.5 | Partial denial of service via inline oneboxes in Discourse
    Affected versions: from 0, < 3.3.3
MEDIUM 6.5 | Discourse missing authorization checks for suspending admins/moderators
    Affected versions: from 0, < 3.2.3
MEDIUM 6.5 | Denial of service through invites in Discourse
    Affected versions: from 0, < 3.2.1
MEDIUM 6.5 | Denial of service via Staff Actions in Discourse
    Affected versions: from 0, < 3.2.1
MEDIUM 6.5 | Discourse is an open source discussion platform.
    Affected versions: from 0, < 2.8.14
MEDIUM 6.5 | Discourse vulnerable to bypass of post max_length using HTML comments
    Affected versions: from 0, < 2.8.14
MEDIUM 6.5 | Denial of Service in Discourse
    Affected versions: from 0, < 2.8.1
MEDIUM 6.5 | Discourse is an open source discussion platform.
    Affected versions: >= 2.9.0-beta5, <= 2.9.0-beta5, >= 2.9.0-beta6, <= 2.9.0-beta6, >= 2.9.0-beta7, <= 2.9.0-beta7, >= 2.9.0-beta8, <= 2.9.0-beta8, >= 2.9.0-beta9, <= 2.9.0-beta9
MEDIUM 6.5 | Users erroneously and transparently added to private messages in Discourse
    Affected versions: from 0, < 2.8.10
MEDIUM 6.5 | Discourse subject to Allocation of Resources Without Limits or Throttling
    Affected versions: from 0, < 3.0.1
MEDIUM 6.5 | Discourse vulnerable to Allocation of Resources Without Limits via Chat drafts
    Affected versions: from 0, < 3.0.1
MEDIUM 6.5 | Discourse is an open-source discussion platform.
    Affected versions: >= 3.1.0-beta2, <= 3.1.0-beta2
MEDIUM 6.5 | Discourse is an open source discussion platform.
    Affected versions: >= 3.1.0-beta5, <= 3.1.0-beta5
MEDIUM 6.5 | Discourse vulnerable to DoS via defer queue
    Affected versions: from 0, < 3.0.6
MEDIUM 6.5 | Discourse vulnerable to DoS via drafts
    Affected versions: from 0, < 3.1.1
MEDIUM 6.5 | Discourse DoS via 2FA and Security Key Names
    Affected versions: from 0, < 3.1.1
MEDIUM 6.5 | Discourse DoS via remote theme assets
    Affected versions: from 0, < 3.1.1
MEDIUM 6.5 | Discourse DoS via SvgSprite cache
    Affected versions: from 0, < 3.1.1
MEDIUM 6.1 | Discourse allows script execution in uploaded HTML/XML files on S3
    Affected versions: from 0, < 3.5.4, >= 2025.11.0, < 2025.11.2, >= 2025.12.0, < 2025.12.1, >= 2026.1.0, < 2026.1.0
MEDIUM 6.1 | Discourse vulnerable to XSS via user-provided query parameter in OAuth failure flow
    Affected versions: from 0, < 3.5.0
MEDIUM 6.1 | Discourse vulnerable to HTML injection when inviting to topic via email
    Affected versions: from 0, < 3.4.4
MEDIUM 6.1 | HTMLi (XSS without CSP) via Onebox URLs in Discourse
    Affected versions: from 0, < 3.4.0
MEDIUM 6.1 | Stored DOM-based XSS (without CSP) via video placeholders in Discourse
    Affected versions: from 0, < 3.4.0
MEDIUM 6.1 | Magnific lightbox susceptible to Cross-site Scripting in Discourse
    Affected versions: from 0, < 3.3.3
MEDIUM 6.1 | Cross-site Scripting (XSS) via chat excerpts when content security policy (CSP) disabled in Discourse
    Affected versions: from 0, < 3.3.2
MEDIUM 6.1 | Discourse has an XSS via Onebox system
    Affected versions: from 0, < 3.2.3
MEDIUM 6.1 | Discourse allows iframe injection through default site setting
    Affected versions: from 0, < 3.2.5
MEDIUM 6.1 | Discourse vulnerable to stored DOM XSS via Facebook Oneboxes
    Affected versions: from 0, < 3.2.3
MEDIUM 6.1 | XSS via d-popover and d-html-popover attribute
    Affected versions: from 0, < 2.7.8
MEDIUM 6.1 | XSS via blocked watched word in error message
    Affected versions: from 0, <= 2.7.7
MEDIUM 6.1 | Discourse vulnerable to Cross-site Scripting through pending post titles descriptions
    Affected versions: from 0, < 2.8.14
MEDIUM 6.1 | Discourse vulnerable to Cross-site Scripting through tag descriptions
    Affected versions: from 0, < 2.8.14
MEDIUM 6.1 | HTML injection via topic embedding in Discourse
    Affected versions: from 0, < 3.1.0
MEDIUM 6.1 | CSP nonce reuse vulnerability in Discourse
    Affected versions: from 0, < 3.0.5
MEDIUM 6.1 | HTML injection in oneboxed links
    Affected versions: from 0, < 3.2.0
MEDIUM 6.1 | Discourse improperly sanitized user input leads to XSS
    Affected versions: from 0, < 3.2.0
MEDIUM 5.9 | Potential backup file leaked via Nginx in Discourse
    Affected versions: from 0, < 3.3.3
MEDIUM 5.7 | Invites restricted to an email or invite links restricted to an email domain may be bypassed by a under certain conditions in Discourse
    Affected versions: from 0, <= 2.8.4
MEDIUM 5.7 | Regular expression denial of service via installing themes via git in Discourse
    Affected versions: from 0, < 3.0.1
MEDIUM 5.5 | Discourse has moderator privilege escalation via arbitrary post_id in suspend/silence endpoint
    Affected versions: from 0, < 2026.3.0
MEDIUM 5.5 | Discourse vulnerable to private topic leak via email#send_digest
    Affected versions: from 0, < 2.9.0
MEDIUM 5.4 | Discourse: XSS on category description update via API
    Affected versions: >= 2026.1.0, < 2026.1.3, >= 2026.2.0, < 2026.2.2
MEDIUM 5.4 | Discourse's solved topic stream has potential stored XSS in topic title
    Affected versions: >= 2026.1.0, < 2026.1.2, >= 2026.2.0, < 2026.2.1, >= 2026.3.0, < 2026.3.0
MEDIUM 5.4 | Discourse hardens chat DM channel creation and expansion
    Affected versions: >= 2026.1.0, < 2026.1.2, >= 2026.2.0, < 2026.2.1, >= 2026.3.0, < 2026.3.0
MEDIUM 5.4 | Discourse has stored click-based XSS via Graphviz SVG javascript: links
    Affected versions: >= 2026.1.0, < 2026.1.2, >= 2026.2.0, < 2026.2.1, >= 2026.3.0, < 2026.3.0
MEDIUM 5.4 | Discourse has a Hidden Solved topics permission bypass
    Affected versions: >= 2026.1.0, < 2026.1.2, >= 2026.2.0, < 2026.2.1, >= 2026.3.0, < 2026.3.0
MEDIUM 5.4 | Discourse vulnerable to HTML injection via prohibited iframe URLs
    Affected versions: >= 2026.1.0, < 2026.1.2, >= 2026.2.0, < 2026.2.1, >= 2026.3.0, < 2026.3.0
MEDIUM 5.4 | Discourse's discourse-policy plugin lacks post access check
    Affected versions: from 0, < 2025.12.2, >= 2026.1.0, < 2026.1.1
MEDIUM 5.4 | Discourse non-admin moderators can exfiltrate private content via post ownership transfer
    Affected versions: from 0, < 3.5.4, >= 2025.11.0, < 2025.11.2, >= 2025.12.0, < 2025.12.1, >= 2026.1.0, < 2026.1.0
MEDIUM 5.4 | Discourse vulnerable to stored Cross-site Scripting via KaTeX in discourse-math plugin
    Affected versions: from 0, < 3.5.4, >= 2025.11.0, < 2025.11.2, >= 2025.12.0, < 2025.12.1, >= 2026.1.0, < 2026.1.0
MEDIUM 5.4 | Discourse is vulnerable to XSS when quoting chat messages
    Affected versions: from 0, < 3.5.1
MEDIUM 5.4 | Cross-site Scripting (XSS) via topic titles when CSP disabled in Discourse
    Affected versions: from 0, < 3.3.3
MEDIUM 5.4 | YouTube Onebox susceptible to XSS
    Affected versions: from 0, <= 2.7.5
MEDIUM 5.4 | Cross-site scripting via category name in Discourse
    Affected versions: from 0, < 2.7.8
MEDIUM 5.4 | Discourse allows self-XSS through malicious composer message
    Affected versions: from 0, < 2.8.11
MEDIUM 5.4 | Discourse vulnerable to Cross-site Scripting in local oneboxes
    Affected versions: from 0, < 2.8.13
MEDIUM 5.4 | Discourse vulnerable to Cross-site Scripting - user name displayed on post
    Affected versions: from 0, < 3.1.0
MEDIUM 5.4 | Stored Cross-site Scripting via improper sanitization of SVG files in Discourse
    Affected versions: from 0, < 3.1.0
    Affected versions: from 0, <= 3.0.2
MEDIUM 5.4 | Cross-site Scripting via email preview when CSP disabled in Discourse
    Affected versions: from 0, <= 3.1.1
MEDIUM 5.4 | Discourse vulnerable to DoS via Regexp Injection in Full Name
    Affected versions: from 0, < 3.2.0
MEDIUM 5.4 | Bypassing height value allowed in some theme components
    Affected versions: from 0, < 3.2.0