Discourse Yearly Review
By the Year
In 2024 there have been 0 vulnerabilities in Discourse Yearly Review . Last year Discourse Yearly Review had 1 security vulnerability published. Right now, Discourse Yearly Review is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 1 | 5.30 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Discourse Yearly Review vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Discourse Yearly Review Security Vulnerabilities
discourse-yearly-review is a discourse plugin which publishes an automated Year in Review topic
CVE-2023-25169
5.3 - Medium
- March 06, 2023
discourse-yearly-review is a discourse plugin which publishes an automated Year in Review topic. In affected versions a user present in a yearly review topic that is then anonymised will still have some data linked to its original account. This issue has been patched in commit `b3ab33bbf7` which is included in the latest version of the Discourse Yearly Review plugin. Users are advised to upgrade. Users unable to upgrade may disable the `yearly_review_enabled` setting to fully mitigate the issue. Also, it's possible to edit the anonymised user's old data in the yearly review topics manually.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Discourse Yearly Review or by Discourse? Click the Watch button to subscribe.
