Discourse


reports in last 90 days
19 disclosed resolved issues
0 disclosed informative issues
0 disclosed N/A issues

Listed on HackerOne — Updated on 2019/10/15

| Severity | Bug Title | Bug Type | Found By | Time to Triage | Time to Close | Report Status |
|---|---|---|---|---|---|---|
| Low | SSRF in upload IMG through URL | Information Disclosure | afine-team | not triaged | 5d 0h | Resolved |
| High | Web Cache Deception Attack (XSS) | Cross-site Scripting (XSS) - Stored | bobrov | not triaged | 0d 15h | Resolved |
| High | Account takeover at https://try.discourse.org due to no CSRF protection in connecting Yahoo account | Cross-Site Request Forgery (CSRF) | avinash_ | 18d 17h | 5d 11h | Resolved |
| Low | CSRF-tokens on pages without no-cache headers, resulting in ATO when using CloudFlare proxy (Web Cache Deception) | Cross-Site Request Forgery (CSRF) | fransrosen | not triaged | 169d 17h | Resolved |
| High | Stored XSS in "post last edited" option | Cross-site Scripting (XSS) - Stored | luigigubello | 2d 15h | 9d 4h | Resolved |
| High | Gaining access to private topics using quoting feature | Improper Access Control - Generic | mishre | 2d 16h | 6d 8h | Resolved |
| Critical | Any user with invite capabilities can take-over any account on Discourse | None supplied | mishre | not triaged | 105d 8h | Resolved |
| Medium | Any authenticated user can download full list of users, including email | Privacy Violation | arkadiyt | not triaged | 2d 20h | Resolved |
| High | Arbitrary Local-File Read from Admin - Restore From Backup due to Symlinks | Information Disclosure | ziot | not triaged | 0d 0h | Resolved |
| High | Admin Command Injection via username in user_archive ExportCsvFile | Command Injection - Generic | ziot | not triaged | 0d 0h | Resolved |
| High | Stored XSS in posts because of absence of oembed variables values escaping | Cross-site Scripting (XSS) - Generic | skavans | 0d 1h | 7d 4h | Resolved |
| High | XSS in topics because of bandcamp preview engine vulnerability | Cross-site Scripting (XSS) - Generic | skavans | 0d 15h | 0d 3h | Resolved |
| High | Stored XSS in topics because of whitelisted_generic engine vulnerability | Cross-site Scripting (XSS) - Generic | skavans | 0d 2h | 7d 4h | Resolved |
| High | DOM Based XSS in Discourse Search | Cross-site Scripting (XSS) - Generic | babayaga_ | not triaged | 1d 15h | Resolved |
| High | XSS vulnerability on Audio and Video parsers | Cross-site Scripting (XSS) - Generic | alberto__segura | 0d 8h | 0d 11h | Resolved |
| High | XSS Vulnerability on Image link parser | Cross-site Scripting (XSS) - Generic | alberto__segura | not triaged | 1d 13h | Resolved |
| Medium | Users can bookmark other user's messages | Privilege Escalation | strukt | 0d 5h | 14d 14h | Resolved |

Time to Triage is "not triaged" where the listing states "Issue was not triaged"; times are given as days and hours (e.g. 5d 11h = 5 days and 11 hours).