Discourse is an open source platform for community discussion. Users clicking on the lightbox thumbnails could be affected. This problem is patched in the latest version of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Metrics
Affected Vendors & Products
References
History
Tue, 26 Aug 2025 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:discourse:discourse:*:*:*:*:beta:*:*:* cpe:2.3:a:discourse:discourse:*:*:*:*:stable:*:*:* cpe:2.3:a:discourse:discourse:3.4.0:beta1:*:*:beta:*:*:* cpe:2.3:a:discourse:discourse:3.4.0:beta2:*:*:beta:*:*:* cpe:2.3:a:discourse:discourse:3.4.0:beta3:*:*:beta:*:*:* |
Tue, 15 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Fri, 20 Dec 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 19 Dec 2024 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Discourse is an open source platform for community discussion. Users clicking on the lightbox thumbnails could be affected. This problem is patched in the latest version of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |
Title | Magnific lightbox susceptible to Cross-site Scripting in Discourse | |
Weaknesses | CWE-79 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2024-12-20T20:42:25.778Z
Reserved: 2024-11-15T17:11:13.439Z
Link: CVE-2024-52794

Updated: 2024-12-20T20:42:22.501Z

Status : Analyzed
Published: 2024-12-19T20:15:07.513
Modified: 2025-08-26T02:14:59.883
Link: CVE-2024-52794

No data.

Updated: 2025-07-13T11:06:24Z