CVE-2023-49098 – Reaction data for user notifications exposed in Discourse-reactions
https://notcve.org/view.php?id=CVE-2023-49098
Discourse-reactions is a plugin that allows users to add their reactions to a post. Data about a user's reaction notifications could be exposed. This vulnerability was patched in commit 2c26939. • https://github.com/discourse/discourse-reactions/commit/2c26939395177730e492640d71aac68423be84fc https://github.com/discourse/discourse-reactions/security/advisories/GHSA-mq82-7v5x-rhv8 • CWE-284: Improper Access Control
CVE-2023-48297 – Discourse vulnerable to unlimited mentioned users in message serializer
https://notcve.org/view.php?id=CVE-2023-48297
Discourse is a platform for community discussion. The message serializer uses the full list of expanded chat mentions (@all and @here), which can lead to a very long array of users. This issue was patched in versions 3.1.4 and beta 3.2.0.beta5. • https://github.com/discourse/discourse/security/advisories/GHSA-hf2v-r5xm-8p37 • CWE-400: Uncontrolled Resource Consumption
CVE-2023-47121 – Discourse SSRF vulnerability in Embedding
https://notcve.org/view.php?id=CVE-2023-47121
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, the embedding feature is susceptible to server-side request forgery. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. As a workaround, disable the Embedding feature. • https://github.com/discourse/discourse/commit/24cca10da731734af4e9748de99a508d586e59f1 https://github.com/discourse/discourse/commit/5f20748e402223b265e6fee381472c14e2604da6 https://github.com/discourse/discourse/security/advisories/GHSA-hp24-94qf-8cgc • CWE-918: Server-Side Request Forgery (SSRF)
CVE-2023-47120 – Discourse DoS through Onebox favicon URL
https://notcve.org/view.php?id=CVE-2023-47120
Discourse is an open source platform for community discussion. In versions 3.1.0 through 3.1.2 of the `stable` branch and versions 3.1.0.beta6 through 3.2.0.beta2 of the `beta` and `tests-passed` branches, Redis memory can be depleted by crafting a site with an abnormally long favicon URL and drafting multiple posts which Onebox it. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds. • https://github.com/discourse/discourse/commit/95a82d608d6377faf68a0e2c5d9640b043557852 https://github.com/discourse/discourse/commit/e910dd09140cb4abc3a563b95af4a137ca7fa0ce https://github.com/discourse/discourse/security/advisories/GHSA-77cw-xhj8-hfp3 • CWE-770: Allocation of Resources Without Limits or Throttling
CVE-2023-47119 – HTML injection in oneboxed links
https://notcve.org/view.php?id=CVE-2023-47119
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, some links can inject arbitrary HTML tags when rendered through our Onebox engine. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds. • https://github.com/BaadMaro/CVE-2023-47119 https://github.com/discourse/discourse/commit/628b293ff53fb617b3464dd27268aec84388cc09 https://github.com/discourse/discourse/commit/d78357917c6a917a8a27af68756228e89c69321c https://github.com/discourse/discourse/security/advisories/GHSA-j95w-5hvx-jp5w • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')