Discourse Discotoc
By the Year
In 2024 there have been 0 vulnerabilities in Discourse Discotoc . Discotoc did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 5.40 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Discotoc vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Discourse Discotoc Security Vulnerabilities
DiscoTOC is a Discourse theme component that generates a table of contents for topics
CVE-2022-39270
5.4 - Medium
- October 06, 2022
DiscoTOC is a Discourse theme component that generates a table of contents for topics. Users that can create topics in TOC-enabled categories (and have sufficient trust level - configured in component's settings) are able to inject arbitrary HTML on that topic's page. The issue has been fixed on the `main` branch. Admins can update the theme component through the admin UI (Customize -> Themes -> Components -> DiscoTOC -> Check for Updates). Alternatively, admins can temporarily disable the DiscoTOC theme component.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Discourse Discotoc or by Discourse? Click the Watch button to subscribe.
