CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36818 – Denial of service via User Custom Sidebar Section Unlimited Link Creation in discourse
https://notcve.org/view.php?id=CVE-2023-36818
Discourse is an open source discussion platform. In affected versions a request to create or update custom sidebar section can cause a denial of service. This issue has been patched in commit `52b003d915`. Users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/discourse/discourse/commit/52b003d915761f1581ae2d105f3cbe76df7bf1ff https://github.com/discourse/discourse/security/advisories/GHSA-gxqx-3q2p-37gm • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.3EPSS: 0%CPEs: 210EXPL: 0CVE-2023-36466 – Topic Title Validation Skipped When Changing Category in Discourse
https://notcve.org/view.php?id=CVE-2023-36466
Discourse is an open source discussion platform. When editing a topic, there is a vulnerability that enables a user to bypass the topic title validations for things like title length, number of emojis in title and blank topic titles. The issue is patched in the latest stable, beta and tests-passed version of Discourse. • https://github.com/discourse/discourse/security/advisories/GHSA-4hjh-wg43-p932 • CWE-20: Improper Input Validation CWE-287: Improper Authentication •
CVSS: 6.8EPSS: 0%CPEs: 210EXPL: 0CVE-2023-36473 – CSP nonce reuse vulnerability in Discourse
https://notcve.org/view.php?id=CVE-2023-36473
Discourse is an open source discussion platform. A CSP (Content Security Policy) nonce reuse vulnerability could allow XSS attacks to bypass CSP protection. There are no known XSS vectors at the moment, but should one be discovered, this vulnerability would allow the XSS attack to completely bypass CSP. The vulnerability is patched in the latest tests-passed, beta and stable branches. • https://github.com/discourse/discourse/security/advisories/GHSA-9f52-624j-8ppq • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-34250 – Discourse vulnerable to exposure of number of topics recently created in private categories
https://notcve.org/view.php?id=CVE-2023-34250
Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches, an attacker could use the new topics dismissal endpoint to reveal the number of topics recently created (but not the actual content thereof) in categories they didn't have access to. This issue is patched in version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches. There are no known workarounds. • https://github.com/discourse/discourse/security/advisories/GHSA-q8m5-wmjr-3ppg • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-32301 – Discourse's canonical url not being used for topic embeddings
https://notcve.org/view.php?id=CVE-2023-32301
Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches, multiple duplicate topics could be created if topic embedding is enabled. This issue is patched in version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches. As a workaround, disable topic embedding if it has been enabled. • https://github.com/discourse/discourse/security/advisories/GHSA-p2jx-m2j5-hqh4 • CWE-116: Improper Encoding or Escaping of Output •