Page 9 of 147 results (0.002 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Discourse is an open source platform for community discussion. A malicious request can cause production log files to quickly fill up and thus result in the server running out of disk space. This problem has been patched in the 3.1.1 stable and 3.2.0.beta2 versions of Discourse. It is possible to temporarily work around this problem by reducing the `client_max_body_size nginx directive`. `client_max_body_size` will limit the size of uploads that can be uploaded directly to the server. • http://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size https://github.com/discourse/discourse/security/advisories/GHSA-89h3-g746-xmwq • CWE-400: Uncontrolled Resource Consumption •

CVSS: 3.7EPSS: 0%CPEs: 2EXPL: 0

Discourse is an open source platform for community discussion. Attackers with details specific to a poll in a topic can use the `/polls/grouped_poll_results` endpoint to view the content of options in the poll and the number of votes for groups of poll participants. This impacts private polls where the results were intended to only be viewable by authorized users. This issue is patched in the 3.1.1 stable and 3.2.0.beta2 versions of Discourse. There is no workaround for this issue apart from upgrading to the fixed version. • https://github.com/discourse/discourse/security/advisories/GHSA-3x57-846g-7qcw • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •

CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0

Discourse is an open source platform for community discussion. Improper escaping of user input allowed for Cross-site Scripting attacks via the digest email preview UI. This issue only affects sites with CSP disabled. This issue has been patched in the 3.1.1 stable release as well as the 3.2.0.beta1 release. Users are advised to upgrade. • https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP https://github.com/discourse/discourse/security/advisories/GHSA-g4qg-5q2h-m8ph • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

Discourse is an open source community platform. In affected versions any user can create a topic and add arbitrary custom fields to a topic. The severity of this vulnerability depends on what plugins are installed and how the plugins uses topic custom fields. For a default Discourse installation with the default plugins, this vulnerability has no impact. The problem has been patched in the latest version of Discourse. • https://github.com/discourse/discourse/security/advisories/GHSA-wm89-m359-f9qv • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.1EPSS: 0%CPEs: 1EXPL: 0

Discourse-jira is a Discourse plugin allows Jira projects, issue types, fields and field options will be synced automatically. An administrator user can make an SSRF attack by setting the Jira URL to an arbitrary location and enabling the `discourse_jira_verbose_log` site setting. A moderator user could manipulate the request path to the Jira API, allowing them to perform arbitrary GET requests using the Jira API credentials, potentially with elevated permissions, used by the application. Discourse-jira es un complemento de Discourse que permite que los proyectos, tipos de problemas, campos y opciones de campos de Jira se sincronicen automáticamente. Un usuario administrador puede realizar un ataque SSRF configurando la URL de Jira en una ubicación arbitraria y habilitando la configuración del sitio `discourse_jira_verbose_log`. • https://github.com/discourse/discourse-jira/commit/8a2d3ad228883199fd5f081cc93d173c88e2e48f https://github.com/discourse/discourse-jira/pull/50 https://github.com/discourse/discourse-jira/security/advisories/GHSA-pmv5-h2x6-35fh • CWE-691: Insufficient Control Flow Management CWE-918: Server-Side Request Forgery (SSRF) •