Security Overview · discourse/discourse-calendar · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

Calendar event names susceptible to XSS
GHSA-rq37-8pf3-4xc8 published Sep 12, 2024 by pmusaraj

Moderate
User can see invitees in events created in PMs and private categories
GHSA-wwq5-g5cp-c69f published Feb 22, 2024 by nattsw

Moderate
Uninvited user is able to join and mark the attendance of the the private event
GHSA-4hh7-6m34-p2jp published Feb 21, 2024 by nattsw

Moderate
Insufficient control of region value length
GHSA-65f2-9ghp-x8h8 published Aug 30, 2024 by pmusaraj

Moderate
Improper escaping of user input can lead to XSS under non-default site configuration
GHSA-3fwj-f6ww-7hr6 published Oct 16, 2023 by pmusaraj

High
Discourse-calendar exposes members of hidden groups
GHSA-jh96-w279-g7r9 published Nov 14, 2022 by jomaxro

Moderate
Event names susceptible to XSS
GHSA-c783-x9vm-xxp5 published Jun 14, 2022 by jomaxro

Moderate

Learn more about advisories related to discourse/discourse-calendar in the GitHub Advisory Database