2 matches found
CVE-2022-23548
Discourse is an option source discussion platform. Prior to version 2.8.14 on the stable branch and version 2.9.0.beta16 on the beta and tests-passed branches, parsing posts can be susceptible to regular expression denial of service ReDoS attacks. This issue is patched in versions 2.8.14 and...
CVE-2022-23548
Discourse is affected by a ReDoS vulnerability in the post-parsing logic (CVE-2022-23548). Affected versions are prior to 2.8.14 (stable) and 2.9.0.beta16 (beta/tests-passed). The issue is patched in 2.8.14 and 2.9.0.beta16. There are no publicly documented workarounds. Remediation is to upgrade ...