CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 1CVE-2023-38706 – Discourse vulnerable to DoS via drafts
https://notcve.org/view.php?id=CVE-2023-38706
15 Sep 2023 — Discourse is an open-source discussion platform. Prior to version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches, a malicious user can create an unlimited number of drafts with very long draft keys which may end up exhausting the resources on the server. The issue is patched in version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches. There are no known workarounds. Discourse es una plataforma de debate de código a... • https://github.com/discourse/discourse/security/advisories/GHSA-7wpp-4pqg-gvp8 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 4.3EPSS: 0%CPEs: 212EXPL: 0CVE-2023-38685 – Discourse's restricted tag information visible to unauthenticated users
https://notcve.org/view.php?id=CVE-2023-38685
28 Jul 2023 — Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, information about restricted-visibility topic tags could be obtained by unauthorized users. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. • https://github.com/discourse/discourse/commit/073661142369a0a66c25775cc3870582a679ef8b • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 212EXPL: 0CVE-2023-38684 – Discourse vulnerable to ossible DDoS due to unbounded limits in various controller actions
https://notcve.org/view.php?id=CVE-2023-38684
28 Jul 2023 — Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, in multiple controller actions, Discourse accepts limit params but does not impose any upper bound on the values being accepted. Without an upper bound, the software may allow arbitrary users to generate DB queries which may end up exhausting the resources on the server. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0... • https://github.com/discourse/discourse/commit/bfc3132bb22bd5b7e86f428746b89c4d3d7f5a70 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.8EPSS: 0%CPEs: 212EXPL: 0CVE-2023-38498 – Discourse vulnerable to DoS via defer queue
https://notcve.org/view.php?id=CVE-2023-38498
28 Jul 2023 — Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, a malicious user can prevent the defer queue from proceeding promptly on sites hosted in the same multisite installation. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. There are no known workarounds for this vulnerability. Users of multisite configurations should upgr... • https://github.com/discourse/discourse/commit/26e267478d785e2f32ee7da4613e2cf4a65ff182 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 4.3EPSS: 0%CPEs: 212EXPL: 0CVE-2023-37906 – Discourse vulnerable to DoS via post edit reason
https://notcve.org/view.php?id=CVE-2023-37906
28 Jul 2023 — Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, a malicious user can edit a post in a topic and cause a DoS with a carefully crafted edit reason. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. There are no known workarounds for this vulnerability. • https://github.com/discourse/discourse/commit/dcc825bda505a344eda403a1b8733f30e784034a • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 3.1EPSS: 0%CPEs: 212EXPL: 0CVE-2023-37904 – Discourse Race Condition in Accept Invite
https://notcve.org/view.php?id=CVE-2023-37904
28 Jul 2023 — Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, more users than permitted could be created from invite links. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. As a workaround, use restrict to email address invites. • https://github.com/discourse/discourse/commit/62a609ea2d0645a27ee8adbb01ce10a5e03a600b • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.8EPSS: 0%CPEs: 211EXPL: 0CVE-2023-37467 – Discourse CSP nonce reuse vulnerability for anonymous users
https://notcve.org/view.php?id=CVE-2023-37467
28 Jul 2023 — Discourse is an open source discussion platform. Prior to version 3.1.0.beta7 of the `beta` and `tests-passed` branches, a CSP (Content Security Policy) nonce reuse vulnerability was discovered could allow cross-site scripting (XSS) attacks to bypass CSP protection for anonymous (i.e. unauthenticated) users. There are no known XSS vectors at the moment, but should one be discovered, this vulnerability would allow the XSS attack to bypass CSP and execute successfully. This vulnerability isn't applicable to l... • https://github.com/discourse/discourse/commit/0976c8fad6970b6182e7837bf87de07709407f25 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-323: Reusing a Nonce, Key Pair in Encryption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36818 – Denial of service via User Custom Sidebar Section Unlimited Link Creation in discourse
https://notcve.org/view.php?id=CVE-2023-36818
14 Jul 2023 — Discourse is an open source discussion platform. In affected versions a request to create or update custom sidebar section can cause a denial of service. This issue has been patched in commit `52b003d915`. Users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/discourse/discourse/commit/52b003d915761f1581ae2d105f3cbe76df7bf1ff • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.3EPSS: 0%CPEs: 210EXPL: 0CVE-2023-36466 – Topic Title Validation Skipped When Changing Category in Discourse
https://notcve.org/view.php?id=CVE-2023-36466
14 Jul 2023 — Discourse is an open source discussion platform. When editing a topic, there is a vulnerability that enables a user to bypass the topic title validations for things like title length, number of emojis in title and blank topic titles. The issue is patched in the latest stable, beta and tests-passed version of Discourse. • https://github.com/discourse/discourse/security/advisories/GHSA-4hjh-wg43-p932 • CWE-20: Improper Input Validation CWE-287: Improper Authentication •
CVSS: 6.8EPSS: 0%CPEs: 210EXPL: 0CVE-2023-36473 – CSP nonce reuse vulnerability in Discourse
https://notcve.org/view.php?id=CVE-2023-36473
13 Jul 2023 — Discourse is an open source discussion platform. A CSP (Content Security Policy) nonce reuse vulnerability could allow XSS attacks to bypass CSP protection. There are no known XSS vectors at the moment, but should one be discovered, this vulnerability would allow the XSS attack to completely bypass CSP. The vulnerability is patched in the latest tests-passed, beta and stable branches. • https://github.com/discourse/discourse/security/advisories/GHSA-9f52-624j-8ppq • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •