Lucene search
GoogleOSV:BIT-DISCOURSE-2023-38498HistoryMar 06, 2024 - 10:55 a.m.
BIT-discourse-2023-38498
2024-03-0610:55:24
Google
osv.dev
6
open source
discussion platform
vulnerability
patched
specific versions
multisite configurations
upgrade
Discourse is an open source discussion platform. Prior to version 3.0.6 of the stable branch and version 3.1.0.beta7 of the beta and tests-passed branches, a malicious user can prevent the defer queue from proceeding promptly on sites hosted in the same multisite installation. The issue is patched in version 3.0.6 of the stable branch and version 3.1.0.beta7 of the beta and tests-passed branches. There are no known workarounds for this vulnerability. Users of multisite configurations should upgrade.
Related
prion
prion
Design/Logic Flaw
2023-07-28 16:15:00
cvelist
cvelist
CVE-2023-38498 Discourse vulnerable to DoS via defer queue
2023-07-28 15:18:18
osv
osv
CVE-2023-38498
2023-07-28 16:15:12
openvas
openvas
Discourse < 3.0.7 DoS Vulnerability
2023-07-31 00:00:00
Discourse 3.1.x < 3.1.0.beta8 DoS Vulnerability
2023-07-31 00:00:00
cve
cve
CVE-2023-38498
2023-07-28 16:15:12
githubexploit
githubexploit
6.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
14.6%
Related for OSV:BIT-DISCOURSE-2023-38498