Discourse Meta
Potential Directory Traversal: /uploads/* allows cross-directory file access
Support
Moin
July 8, 2025, 10:42am
2
Maybe you are interested in the
secure-uploads
feature.
3 Likes
show post in topic
Related topics
Topic
Replies
Views
Activity
Potential resource exhaustion: No rate limiting on /uploads.json allows mass file uploads
Support
uploads
0
22
July 8, 2025
Personal Message attachments accessible to unauthenticated users (missing auth check)
Support
secure-uploads
,
personal-messages
1
25
July 8, 2025
Does anyone have some suggestions how should I go about investigating Discourse losing old uploads?
Support
0
18
July 4, 2024
Understanding Uploads, Images, and Attachments
Site Management
explanation
,
file-managment
5
4983
January 15, 2025
Secure Uploads
Announcements
secure-uploads
44
16371
October 25, 2024