Discourse Yearly Review Discourse Yearly Review

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Discourse Yearly Review.

By the Year

In 2024 there have been 0 vulnerabilities in Discourse Yearly Review . Last year Discourse Yearly Review had 1 security vulnerability published. Right now, Discourse Yearly Review is on track to have less security vulnerabilities in 2024 than it did last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 1 5.30
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Discourse Yearly Review vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Discourse Yearly Review Security Vulnerabilities

discourse-yearly-review is a discourse plugin which publishes an automated Year in Review topic

CVE-2023-25169 5.3 - Medium - March 06, 2023

discourse-yearly-review is a discourse plugin which publishes an automated Year in Review topic. In affected versions a user present in a yearly review topic that is then anonymised will still have some data linked to its original account. This issue has been patched in commit `b3ab33bbf7` which is included in the latest version of the Discourse Yearly Review plugin. Users are advised to upgrade. Users unable to upgrade may disable the `yearly_review_enabled` setting to fully mitigate the issue. Also, it's possible to edit the anonymised user's old data in the yearly review topics manually.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Discourse Yearly Review or by Discourse? Click the Watch button to subscribe.

Discourse
Vendor

subscribe