Security: discourse/discourse-calendar
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
-
User can see invitees in events created in PMs and private categoriesGHSA-wwq5-g5cp-c69f published
Feb 22, 2024 by nattswModerate -
Uninvited user is able to join and mark the attendance of the the private eventGHSA-4hh7-6m34-p2jp published
Feb 21, 2024 by nattswModerate -
Improper escaping of user input can lead to XSS under non-default site configurationGHSA-3fwj-f6ww-7hr6 published
Oct 16, 2023 by pmusarajHigh -
Discourse-calendar exposes members of hidden groupsGHSA-jh96-w279-g7r9 published
Nov 14, 2022 by jomaxroModerate -
Event names susceptible to XSSGHSA-c783-x9vm-xxp5 published
Jun 14, 2022 by jomaxroModerate
Learn more about advisories related to discourse/discourse-calendar in the GitHub Advisory Database