Shodan
Vulnerabilities
Vulnerable Software
Discourse:  Security Vulnerabilities
CVE-2021-3138
In Discourse 2.7.0 through beta1, a rate-limit bypass leads to a bypass of the 2FA requirement for certain forms.
CVSS Score
7.5
EPSS Score
0.03
Published
2021-01-14
CVE-2019-15515
Discourse 2.3.2 sends the CSRF token in the query string.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-08-26
CVE-2019-1020018
Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmation screen when logging in via an email link.
CVSS Score
7.3
EPSS Score
0.002
Published
2019-07-29
CVE-2019-1020017
Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmation screen when logging in via a user-api OTP.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-07-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved