Discourse CVE RSS Feed

Hi there!

I manage a few Discourse instances and I usually have a fixed update schedule. (Every two weeks)

A RCE vulnerability was recently reported in discourse which was then reported by someone via our Bug bounty system.

Is there a RSS Feed of vulnerabilities reported in Discourse? That way, I can subscribe to the feed and update the systems as soon as a fix is out instead of just completely missing it for a few days even when a fix was available.

Thank you

1 Like

Something like Latest security vulnerabilities Discourse products ?

3 Likes

You can also watch release-notes, it will all list all releases, but the security ones are clearly highlighted there as well.

2 Likes

Thank you! This is perfect. I was on their site earlier and missed the “Vulnerability feeds & Widgets” setting.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.