By the Year
In 2023 there have been 0 vulnerabilities in Discourse Discotoc . Last year Discotoc had 1 security vulnerability published. Right now, Discotoc is on track to have less security vulnerabilities in 2023 than it did last year.
It may take a day or so for new Discotoc vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Discourse Discotoc Security Vulnerabilities
DiscoTOC is a Discourse theme component that generates a table of contents for topics
5.4 - Medium
- October 06, 2022
DiscoTOC is a Discourse theme component that generates a table of contents for topics. Users that can create topics in TOC-enabled categories (and have sufficient trust level - configured in component's settings) are able to inject arbitrary HTML on that topic's page. The issue has been fixed on the `main` branch. Admins can update the theme component through the admin UI (Customize -> Themes -> Components -> DiscoTOC -> Check for Updates). Alternatively, admins can temporarily disable the DiscoTOC theme component.