Discourse-calendar
This hub aggregates every CVE we track for Discourse-calendar, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
7
CVEs tracked
0
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM6HIGH1
Monthly trend
0
1
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 7 most recently published vulnerabilities affecting Discourse-calendar.
- CVE-2024-45303Discourse Calendar plugin event names susceptible to XSS6.1
- CVE-2024-21658Insufficient control of region value length in discourse-calendar4.3
- CVE-2024-24817User can see invitees in events created in PMs and private categories4.3
- CVE-2024-26145Uninvited user is able to join and mark the attendance of the the private event6.5
- CVE-2023-43658Improper escaping of user input in discourse-calendar8.0
- CVE-2022-41913Discourse-calendar exposes members of hidden groups4.3
- CVE-2022-31059Discourse Calendar Event names susceptible to Cross-site Scripting6.5
Product normalization is registry-driven with AI assist and human review. How it works