5 matches found

RedhatCVE
added 2025/05/23 4:34 a.m., 9 views

CVE-2023-47119

Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, some links can inject arbitrary HTML tags when rendered through our Onebox engine. The issue is patched in version 3.1.3 of the...

CVSS 6.1, AI score 6.6, EPSS 0.00943
Exploits: 1
Circl
added 2023/11/12 11:37 p.m., 5 views

CVE-2023-47119

| creationtimestamp | type | source |
|---|---|---|
| 2023-11-12 23:37:20+00:00 | published-proof-of-concept | https://t.me/GithubRedTeam/5776 |
| 2023-11-14 04:22:49+00:00 | published-proof-of-concept | https://t.me/CNArsenal/1503 |
| 2023-12-21 17:37:53+00:00 | seen | https://t.me/arpsyndicate/2053 |

2024-06-19...

CVSS 6.1, AI score 6.3, EPSS 0.00943
Exploits: 1, References: 4
Vulnrichment
added 2023/11/10 3:0 p.m., 11 views

CVE-2023-47119 HTML injection in oneboxed links

Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, some links can inject arbitrary HTML tags when rendered through our Onebox engine. The issue is patched in version 3.1.3 of the...

CVSS 5.3, AI score 6.9, EPSS 0.00943
Exploits: 1, References: 3
Cvelist
added 2023/11/10 3:0 p.m., 35 views

CVE-2023-47119 HTML injection in oneboxed links

Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, some links can inject arbitrary HTML tags when rendered through our Onebox engine. The issue is patched in version 3.1.3 of the...

CVSS 5.3, AI score 6.7, EPSS 0.00943
Exploits: 1, References: 3
CVE
added 2023/11/10 3:0 p.m., 75 views

CVE-2023-47119

Discourse prior to 3.1.3 (stable) and 3.2.0.beta3 (beta/tests-passed) is affected by an HTML injection in Onebox-rendered links. Root cause: the Onebox engine can inject arbitrary HTML tags when rendering certain links. Exploitation PoC is available (e.g., a GitHub exploit showing an HTML-injecti...

CVSS 6.1, AI score 5.6, EPSS 0.00943
Exploits: 1, References: 3, Affected Software: 1