Discourse strongly recommends that all sites follow the default tests-passed branch of Discourse. The “stable” branch is more focused on lack of change than lack of bugs - all releases, including those on tests-passed and beta are production ready.
- Do not sign in unapproved users (CVE-2022-21684)
- Advanced group search did not respect visibility of groups. (CVE-2022-21677)
- Hide user’s bio if profile is restricted (CVE-2022-21678)
- Only show user suggestions with regular post (CVE-2022-21642)