CVSS: 5.3EPSS: 0%CPEs: 208EXPL: 0CVE-2023-23624 – Discourse's exclude_tags param could leak which topics had a specific hidden tag
https://notcve.org/view.php?id=CVE-2023-23624
Discourse is an open-source discussion platform. Prior to version 3.0.1 on the `stable` branch and version 3.1.0.beta2 on the `beta` and `tests-passed` branches, someone can use the `exclude_tag param` to filter out topics and deduce which ones were using a specific hidden tag. This affects any Discourse site using hidden tags in public categories. This issue is patched in version 3.0.1 on the `stable` branch and version 3.1.0.beta2 on the `beta` and `tests-passed` branches. As a workaround, secure any categories that are using hidden tags, change any existing hidden tags to not include private data, or remove any hidden tags currently in use. • https://github.com/discourse/discourse/commit/f55e0fe7910149c431861c18ce407d1be0d6091a https://github.com/discourse/discourse/pull/20006 https://github.com/discourse/discourse/security/advisories/GHSA-qgj5-g5vf-fm7q • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.6EPSS: 0%CPEs: 208EXPL: 0CVE-2023-23621 – Discourse vulnerable to ReDoS in user agent parsing
https://notcve.org/view.php?id=CVE-2023-23621
Discourse is an open-source discussion platform. Prior to version 3.0.1 on the `stable` branch and version 3.1.0.beta2 on the `beta` and `tests-passed` branches, a malicious user can cause a regular expression denial of service using a carefully crafted user agent. This issue is patched in version 3.0.1 on the `stable` branch and version 3.1.0.beta2 on the `beta` and `tests-passed` branches. There are no known workarounds. Discourse es una plataforma de discusión de código abierto. • https://github.com/discourse/discourse/commit/6d92c3cbdac431db99a450f360a3048bb3aaf458 https://github.com/discourse/discourse/pull/20002 https://github.com/discourse/discourse/security/advisories/GHSA-mrfp-54hf-jrcv • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 4.3EPSS: 0%CPEs: 208EXPL: 0CVE-2023-23616 – Discourse membership requests lack character limit
https://notcve.org/view.php?id=CVE-2023-23616
Discourse is an open-source discussion platform. Prior to version 3.0.1 on the `stable` branch and 3.1.0.beta2 on the `beta` and `tests-passed` branches, when submitting a membership request, there is no character limit for the reason provided with the request. This could potentially allow a user to flood the database with a large amount of data. However it is unlikely this could be used as part of a DoS attack, as the paths reading back the reasons are only available to administrators. Starting in version 3.0.1 on the `stable` branch and 3.1.0.beta2 on the `beta` and `tests-passed` branches, a limit of 280 characters has been introduced for membership requests. • https://github.com/discourse/discourse/commit/3e0cc4a5d9ef44ad902f6985d046ebb32f0a14ee https://github.com/discourse/discourse/commit/d5745d34c20c31a221039d8913f33064433003ea https://github.com/discourse/discourse/pull/19993 https://github.com/discourse/discourse/security/advisories/GHSA-6xff-p329-9pgf • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.3EPSS: 0%CPEs: 208EXPL: 0CVE-2023-23620 – Discourse restricted tag routes leak topic information
https://notcve.org/view.php?id=CVE-2023-23620
Discourse is an open-source discussion platform. Prior to version 3.0.1 on the `stable` branch and 3.1.0.beta2 on the `beta` and `tests-passed` branches, the contents of latest/top routes for restricted tags can be accessed by unauthorized users. This issue is patched in version 3.0.1 on the `stable` branch and 3.1.0.beta2 on the `beta` and `tests-passed` branches. There are no known workarounds. Discourse es una plataforma de discusión de código abierto. • https://github.com/discourse/discourse/commit/105fee978d73b0ec23ff814a09d1c0c9ace95164 https://github.com/discourse/discourse/pull/20004 https://github.com/discourse/discourse/security/advisories/GHSA-hvj9-g84x-5prx • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22739 – Discourse subject to Allocation of Resources Without Limits or Throttling
https://notcve.org/view.php?id=CVE-2023-22739
Discourse is an open source platform for community discussion. Versions prior to 3.0.1 (stable), 3.1.0.beta2 (beta), and 3.1.0.beta2 (tests-passed) are subject to Allocation of Resources Without Limits or Throttling. As there is no limit on data contained in a draft, a malicious user can create an arbitrarily large draft, forcing the instance to a crawl. This issue is patched in versions 3.0.1 (stable), 3.1.0.beta2 (beta), and 3.1.0.beta2 (tests-passed). There are no workarounds. • https://github.com/discourse/discourse/security/advisories/GHSA-rqgr-g6v7-jcfc • CWE-770: Allocation of Resources Without Limits or Throttling •