Lucene search
K

5 matches found

Exploit DB
Exploit DB
added 2021/04/21 12:0 a.m.446 views

Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass

Exploit Title: Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass Date: 14/01/2021 Exploit Author: Mesh3l911 Vendor Homepage: https://www.discourse.org/ Software Link:https://github.com/discourse/discourse Version: Discourse 2.7.0 CVE: CVE-2021-3138 import requests username = input"\n input ...

7.5CVSS7.6AI score0.03073EPSS
Exploits4
0day.today
0day.today
added 2021/04/21 12:0 a.m.46 views

Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass Exploit

Exploit Title: Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass Exploit Author: Mesh3l911 Vendor Homepage: https://www.discourse.org/ Software Link:https://github.com/discourse/discourse Version: Discourse 2.7.0 CVE: CVE-2021-3138 import requests username = input"\n input ur username : "...

7.5CVSS7.6AI score0.03073EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/04/21 12:0 a.m.355 views

Discourse 2.7.0 2FA Bypass

Exploit Title: Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass Date: 14/01/2021 Exploit Author: Mesh3l911 Vendor Homepage: https://www.discourse.org/ Software Link:https://github.com/discourse/discourse Version: Discourse 2.7.0 CVE: CVE-2021-3138 import requests username = input"\n input ...

5CVSS7.6AI score0.03073EPSS
Exploits4
OpenVAS
OpenVAS
added 2021/01/15 12:0 a.m.27 views

Discourse < 2.7.0.beta4 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...

7.5CVSS7.6AI score0.03073EPSS
Exploits4References2
CVE
CVE
added 2021/01/14 3:30 a.m.117 views

CVE-2021-3138

CVE-2021-3138 affects Discourse 2.7.0 through beta1, where a rate-limit bypass enables bypassing the 2FA requirement for certain forms. The vulnerability stems from how 2FA relies on rate-limiting, enabling bypasses under certain conditions. Documented impact is the 2FA bypass; exploitation detai...

7.5CVSS7.4AI score0.03073EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder