CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27100 – Denial of service via Staff Actions in Discourse
https://notcve.org/view.php?id=CVE-2024-27100
Discourse is an open source platform for community discussion. In affected versions the endpoints for suspending users, silencing users and exporting CSV files weren't enforcing limits on the sizes of the parameters that they accept. This could lead to excessive resource consumption which could render an instance inoperable. A site could be disrupted by either a malicious moderator on the same site or a malicious staff member on another site in the same multisite cluster. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. • https://github.com/discourse/discourse/commit/8cade1e825e90a66f440e820992d43c6905f4b47 https://github.com/discourse/discourse/security/advisories/GHSA-xq4v-qg27-gxgc • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28242 – Disclosure of the existence of secret categories with custom backgrounds in Discourse
https://notcve.org/view.php?id=CVE-2024-28242
Discourse is an open source platform for community discussion. In affected versions an attacker can learn that secret categories exist when they have backgrounds set. The issue is patched in the latest stable, beta and tests-passed version of Discourse. Users are advised to upgrade. Users unable to upgrade should temporarily remove category backgrounds. • https://github.com/discourse/discourse/commit/b425fbc2a28341a5627928f963519006712c3d39 https://github.com/discourse/discourse/security/advisories/GHSA-c7q7-7f6q-2c23 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24748 – Disclosure of the existence of secret subcategories in Discourse
https://notcve.org/view.php?id=CVE-2024-24748
Discourse is an open source platform for community discussion. In affected versions an attacker can learn that a secret subcategory exists under a public category which has no public subcategories. The issue is patched in the latest stable, beta and tests-passed version of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/discourse/discourse/commit/819361ba28f86a1347059af300bb5cca690f9193 https://github.com/discourse/discourse/security/advisories/GHSA-3qh8-xw23-cq4x • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24827 – No rate limits on POST /uploads endpoint in Discourse
https://notcve.org/view.php?id=CVE-2024-24827
Discourse is an open source platform for community discussion. Without a rate limit on the POST /uploads endpoint, it makes it easier for an attacker to carry out a DoS attack on the server since creating an upload can be a resource intensive process. Do note that the impact varies from site to site as various site settings like `max_image_size_kb`, `max_attachment_size_kb` and `max_image_megapixels` will determine the amount of resources used when creating an upload. The issue is patched in the latest stable, beta and tests-passed version of Discourse. Users are advised to upgrade. • https://github.com/discourse/discourse/commit/003b80e62f97cd8c0114d6b9d3f93c10443e6fae https://github.com/discourse/discourse/security/advisories/GHSA-58vw-246g-fjj4 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.3EPSS: 0%CPEs: 6EXPL: 0CVE-2024-23834 – Discourse improperly sanitized user input leads to XSS
https://notcve.org/view.php?id=CVE-2024-23834
Discourse is an open-source discussion platform. Improperly sanitized user input could lead to an XSS vulnerability in some situations. This vulnerability only affects Discourse instances which have disabled the default Content Security Policy. The vulnerability is patched in 3.1.5 and 3.2.0.beta5. As a workaround, ensure Content Security Policy is enabled and does not include `unsafe-inline`. • https://github.com/discourse/discourse/commit/568d704a94c528b7c2cb0f3512a7b7b606bc3000 https://github.com/discourse/discourse/security/advisories/GHSA-rj3g-8q6p-63pc https://meta.discourse.org/t/3-1-5-security-and-bug-fix-release/293094 https://meta.discourse.org/t/3-2-0-beta5-add-groups-to-dms-mobile-chat-footer-redesign-passkeys-enabled-by-default-and-more/293093 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •