CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38360 – Denial of service via Watched Words in Discourse
https://notcve.org/view.php?id=CVE-2024-38360
15 Jul 2024 — Discourse is an open source platform for community discussion. In affected versions by creating replacement words with an almost unlimited number of characters, a moderator can reduce the availability of a Discourse instance. This issue has been addressed in stable version 3.2.3 and in current betas. Users are advised to upgrade. Users unable to upgrade may manually remove the long watched words either via SQL or Rails console. • https://github.com/discourse/discourse/commit/7b53e610c17e38be982dffefa4e5b5a709a3b990 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37157 – Discourse vulnerable to Server-Side Request Forgery via FastImage
https://notcve.org/view.php?id=CVE-2024-37157
03 Jul 2024 — Discourse is an open-source discussion platform. Prior to version 3.2.3 on the `stable` branch and version 3.3.0.beta4 on the `beta` and `tests-passed` branches, a malicious actor could get the FastImage library to redirect requests to an internal Discourse IP. This issue is patched in version 3.2.3 on the `stable` branch and version 3.3.0.beta4 on the `beta` and `tests-passed` branches. No known workarounds are available. • https://github.com/discourse/discourse/commit/5b8cf11b69e05d5c058c1148ec69ec309491fa6e • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36122 – Discourse doesn't limit reviewable user serializer payload
https://notcve.org/view.php?id=CVE-2024-36122
03 Jul 2024 — Discourse is an open-source discussion platform. Prior to version 3.2.3 on the `stable` branch and version 3.3.0.beta4 on the `beta` and `tests-passed` branches, moderators using the review queue to review users may see a users email address even when the Allow moderators to view email addresses setting is disabled. This issue is patched in version 3.2.3 on the `stable` branch and version 3.3.0.beta4 on the `beta` and `tests-passed` branches. As possible workarounds, either prevent moderators from accessing... • https://github.com/discourse/discourse/commit/8d5b21170efa4766e1a213ff07dc36d36cf3dfb4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36113 – Discourse missing authorization checks for suspending admins/moderators
https://notcve.org/view.php?id=CVE-2024-36113
03 Jul 2024 — Discourse is an open-source discussion platform. Prior to version 3.2.3 on the `stable` branch, version 3.3.0.beta3 on the `beta` branch, and version 3.3.0.beta4-dev on the `tests-passed` branch, a rogue staff user could suspend other staff users preventing them from logging in to the site. The issue is patched in version 3.2.3 on the `stable` branch, version 3.3.0.beta3 on the `beta` branch, and version 3.3.0.beta4-dev on the `tests-passed` branch. No known workarounds are available. • https://github.com/discourse/discourse/commit/8470546f59b04bd82ce9b711406758fd5439936d • CWE-862: Missing Authorization •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35234 – Discourse vulnerable to stored-dom XSS via Facebook Oneboxes
https://notcve.org/view.php?id=CVE-2024-35234
03 Jul 2024 — Discourse is an open-source discussion platform. Prior to version 3.2.3 on the `stable` branch and version 3.3.0.beta3 on the `tests-passed` branch, an attacker can execute arbitrary JavaScript on users’ browsers by posting a specific URL containing maliciously crafted meta tags. This issue only affects sites with Content Security Polic (CSP) disabled. The problem has been patched in version 3.2.3 on the `stable` branch and version 3.3.0.beta3 on the `tests-passed` branch. As a workaround, ensure CSP is ena... • https://github.com/discourse/discourse/commit/26aef0c288839378b9de5819e96eac8cf4ea60fd • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35227 – Discourse vulnerable to DoS through Onebox
https://notcve.org/view.php?id=CVE-2024-35227
03 Jul 2024 — Discourse is an open-source discussion platform. Prior to version 3.2.3 on the `stable` branch and version 3.3.0.beta3 on the `tests-passed` branch, Oneboxing against a carefully crafted malicious URL can reduce the availability of a Discourse instance. The problem has been patched in version 3.2.3 on the `stable` branch and version 3.3.0.beta3 on the `tests-passed` branch. There are no known workarounds available for this vulnerability. • https://github.com/discourse/discourse/commit/10afe5fcf1ebf2e49cb80716d5e62e184c53519b • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27085 – Denial of service through invites in Discourse
https://notcve.org/view.php?id=CVE-2024-27085
15 Mar 2024 — Discourse is an open source platform for community discussion. In affected versions users that are allowed to invite others can inject arbitrarily large data in parameters used in the invite route. The problem has been patched in the latest version of Discourse. Users are advised to upgrade. Users unable to upgrade should disable invites or restrict access to them using the `invite allowed groups` site setting. • https://github.com/discourse/discourse/commit/62ea382247c1f87361d186392c45ca74c83be295 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27100 – Denial of service via Staff Actions in Discourse
https://notcve.org/view.php?id=CVE-2024-27100
15 Mar 2024 — Discourse is an open source platform for community discussion. In affected versions the endpoints for suspending users, silencing users and exporting CSV files weren't enforcing limits on the sizes of the parameters that they accept. This could lead to excessive resource consumption which could render an instance inoperable. A site could be disrupted by either a malicious moderator on the same site or a malicious staff member on another site in the same multisite cluster. This issue is patched in the latest... • https://github.com/discourse/discourse/commit/8cade1e825e90a66f440e820992d43c6905f4b47 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28242 – Disclosure of the existence of secret categories with custom backgrounds in Discourse
https://notcve.org/view.php?id=CVE-2024-28242
15 Mar 2024 — Discourse is an open source platform for community discussion. In affected versions an attacker can learn that secret categories exist when they have backgrounds set. The issue is patched in the latest stable, beta and tests-passed version of Discourse. Users are advised to upgrade. Users unable to upgrade should temporarily remove category backgrounds. • https://github.com/discourse/discourse/commit/b425fbc2a28341a5627928f963519006712c3d39 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24748 – Disclosure of the existence of secret subcategories in Discourse
https://notcve.org/view.php?id=CVE-2024-24748
15 Mar 2024 — Discourse is an open source platform for community discussion. In affected versions an attacker can learn that a secret subcategory exists under a public category which has no public subcategories. The issue is patched in the latest stable, beta and tests-passed version of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/discourse/discourse/commit/819361ba28f86a1347059af300bb5cca690f9193 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •