Lucene search
CVE-2023-28107
Prior to version 3.0.2 of Discourse, an admin user can make multiple backup requests, consuming all DB connections. Affects multisite setups, fixed in 3.0.2
Show more
| Reporter | Title | Published | Views | Family All 8 |
|---|---|---|---|---|
 | CVE-2023-28107 | 17 Mar 202317:15 | – | osv |
| BIT-discourse-2023-28107 | 6 Mar 202410:58 | – | osv |
 | CVE-2023-28107 Discourse vulnerable to multisite DoS by spamming backups | 17 Mar 202316:23 | – | vulnrichment |
 | CVE-2023-28107 Discourse vulnerable to multisite DoS by spamming backups | 17 Mar 202316:23 | – | cvelist |
 | Design/Logic Flaw | 17 Mar 202317:15 | – | prion |
 | CVE-2023-28107 | 17 Mar 202317:15 | – | nvd |
 | Discourse < 3.0.2 Multiple Vulnerabilities | 20 Mar 202300:00 | – | openvas |
| Discourse 3.1.x < 3.1.0.beta3 Multiple Vulnerabilities | 17 Mar 202300:00 | – | openvas |
[
{
"vendor": "discourse",
"product": "discourse",
"versions": [
{
"version": "stable < 3.0.2",
"status": "affected"
},
{
"version": "beta < 3.1.0.beta3",
"status": "affected"
},
{
"version": "tests-passed < 3.1.0.beta3",
"status": "affected"
}
]
}
]Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo17 Mar 2023 17:15Current
4.7Medium risk
Vulners AI Score4.7
CVSS34.5 - 4.9
EPSS0.0015
SSVC