Discourse Rails Multisite
By the Year
In 2024 there have been 0 vulnerabilities in Discourse Rails Multisite . Rails Multisite did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 1 | 8.80 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Rails Multisite vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Discourse Rails Multisite Security Vulnerabilities
rails_multisite provides multi-db support for Rails applications
CVE-2021-41263
8.8 - High
- November 15, 2021
rails_multisite provides multi-db support for Rails applications. In affected versions this vulnerability impacts any Rails applications using `rails_multisite` alongside Rails' signed/encrypted cookies. Depending on how the application makes use of these cookies, it may be possible for an attacker to re-use cookies on different 'sites' within a multi-site Rails application. The issue has been patched in v4 of the `rails_multisite` gem. Note that this upgrade will invalidate all previous signed/encrypted cookies. The impact of this invalidation will vary based on the application architecture.
Use of a Broken or Risky Cryptographic Algorithm
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Discourse Rails Multisite or by Discourse? Click the Watch button to subscribe.