📦

discourse_reactions

Vendor: discourse

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 2 Total Indexed

Avg. EPSS 0.20% Exploit Prob.

Latest CVE CVE-2023-49098 Jan 12

Security Vulnerability Index

Page 1 / 1

3.5 CVSS

CVE-2023-49098

Discourse-reactions is a plugin that allows user to add their reactions to the post. Data about a user's reaction notifications could be exposed. This vulnerability was patched in commit 2c26939.

EPSS: 0.18%

Severity: LOW

Jan 12, 2024

5.3 CVSS

CVE-2021-41140

Discourse-reactions is a plugin for the Discourse platform that allows user to add their reactions to the post. In affected versions reactions given by user to secure topics and private messages are visible. This issue is patched in version 0.2 of discourse-reaction. Users who are unable to update are advised to disable the Discourse-reactions plugin in admin panel.

EPSS: 0.23%

Severity: MEDIUM

Oct 19, 2021

Displaying 2 of 2 Total Entries

Total 1 Sections