2 matches found
PT-2022-16154 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 2.8.1 Discourse version 2.9.0.beta2 Description: The issue allows users to trigger a Denial of Service attack by posting a streaming URL. Parsing Oneboxes in the background job triggers an infinite loop, which caus...
Discourse 安全漏洞
Discourse is an open source community discussion platform. The platform includes community, email, and chat room features. A security vulnerability exists in Discourse, which stems from a problem with the software's parsing of URL streams. A denial-of-service attack can be triggered by a user...