171 matches found
CVE-2023-28107
Discourse is an open-source discussion platform. Prior to version 3.0.2 of the stable branch and version 3.1.0.beta3 of the beta and tests-passed branches, a user logged as an administrator can request backups multiple times, which will eat up all the connections to the DB. If this is done on a...
CVE-2023-28111
CVE-2023-28111 concerns Discourse prior to 3.1.0.beta3 (beta and tests-passed branches), where an attacker can bypass the platform’s SSRF protections for private IPv4 addresses by using an IPv4-mapped IPv6 address. The root cause is a weakness in SSRF filtering that permits IPv4-mapped IPv6 repre...
CVE-2023-28111 Discourse vulnerable to SSRF protection bypass possible with IPv4-mapped IPv6 addresses
Discourse is an open-source discussion platform. Prior to version 3.1.0.beta3 of the beta and tests-passed branches, attackers are able to bypass Discourse's server-side request forgery SSRF protection for private IPv4 addresses by using a IPv4-mapped IPv6 address. The issue is patched in the...
CVE-2023-28111 Discourse vulnerable to SSRF protection bypass possible with IPv4-mapped IPv6 addresses
Discourse is an open-source discussion platform. Prior to version 3.1.0.beta3 of the beta and tests-passed branches, attackers are able to bypass Discourse's server-side request forgery SSRF protection for private IPv4 addresses by using a IPv4-mapped IPv6 address. The issue is patched in the...
CVE-2023-26040
Discourse is an open-source discussion platform. Between versions 3.1.0.beta2 and 3.1.0.beta3 of the tests-passed branch, editing or responding to a chat message containing malicious content could lead to a cross-site scripting attack. This issue is patched in version 3.1.0.beta3 of the...
Cross site scripting
Discourse is an open-source discussion platform. Between versions 3.1.0.beta2 and 3.1.0.beta3 of the tests-passed branch, editing or responding to a chat message containing malicious content could lead to a cross-site scripting attack. This issue is patched in version 3.1.0.beta3 of the...
CVE-2023-26040 Discourse chat messages susceptible to Cross-site Scripting through chat excerpts
Discourse is an open-source discussion platform. Between versions 3.1.0.beta2 and 3.1.0.beta3 of the tests-passed branch, editing or responding to a chat message containing malicious content could lead to a cross-site scripting attack. This issue is patched in version 3.1.0.beta3 of the...
CVE-2023-26040
Discourse (open-source discussion platform) vulnerable in the tests-passed branch between versions 3.1.0.beta2 and 3.1.0.beta3, where editing or replying to a chat message containing malicious content could lead to cross-site scripting (XSS). The issue is patched in version 3.1.0.beta3 of the tes...
PT-2023-21570 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.1.0.beta3 Description: The issue allows attackers to bypass Discourse's server-side request forgery SSRF protection for private IPv4 addresses by using an IPv4-mapped IPv6 address. Recommendations: For versions...
Discourse 安全漏洞
Discourse is an open source community discussion platform. The platform includes features such as communities, email and chat rooms. A security vulnerability exists in Discourse versions prior to 3.0.1 stable, 3.1.0.beta2 beta, and 3.1.0.beta3 test-passed, which stems from an improperly restricte...
CVE-2022-34625
Mealie1.0.0beta3 was discovered to contain a Server-Side Template Injection vulnerability, which allows attackers to execute arbitrary code via a crafted Jinja2 template...
org.apache.struts:struts2-apps (>=2.5-BETA1 <=2.5-BETA3), org.apache.struts:struts2-assembly (>=2.5-BETA1 <=2.5-BETA3) +33 more potentially affected by CVE-2016-4436 via org.apache.struts:struts2-core (>=2.5-BETA1 <=2.5-BETA3)
org.apache.struts:struts2-core MAVEN version =2.5-BETA1, =2.5-BETA1, =2.5-BETA1, =2.5-BETA1, =2.5-BETA1, =2.5-BETA1, =2.5-BETA1, =2.5-BETA1, =2.5-BETA1, =2.5-BETA1, =2.5-BETA1, =2.5-BETA1, =2.5-BETA1, =2.5-BETA1, =2.5-BETA1, =2.5-BETA1, =2.5-BETA3 and more Source cves: CVE-2016-4436 Source...
Design/Logic Flaw
Discourse is an open source discussion platform. Versions 2.8.2 and prior in the stable branch, 2.9.0.beta3 and prior in the beta branch, and 2.9.0.beta3 and prior in the tests-passed branch are vulnerable to a data leak. Users can request an export of their own activity. Sometimes, due to catego...
Discourse 信息泄露漏洞
Discourse is an open source community discussion platform. The platform includes community, email, and chat room features. Discourse is vulnerable to an information disclosure vulnerability that originates in the "stable" branch of version 2.8.2 and earlier, the "beta" branch of version 2.9.0.bet...
Grafana 8.0.0-beta3 - 8.3.1 Directory Traversal Vulnerability
Grafana is prone to a directory traversal vulnerability for Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Design/Logic Flaw
WellCMS 2.0 beta3 is vulnerable to File Upload. A user can log in to the CMS background and upload a picture. Because the upload file type is controllable, the user can modify the upload file type to get webshell...
CVE-2020-21005
WellCMS 2.0 beta3 is vulnerable to File Upload. A user can log in to the CMS background and upload a picture. Because the upload file type is controllable, the user can modify the upload file type to get webshell...
CVE-2020-21005
WellCMS 2.0 beta3 is vulnerable to a file-upload flaw where the upload file type is controllable in the CMS background, enabling an attacker to modify the file type and potentially obtain a webshell. Root cause: incomplete verification of uploaded file types. Impact: webshell capability is implie...
Discourse < 2.6.0.beta4 Information Disclosure Vulnerability
Discourse is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2020-15890
LuaJit through 2.1.0-beta3 has an out-of-bounds read because gc handler frame traversal is mishandled...