5 matches found
CVE-2022-23549
Discourse is an option source discussion platform. Prior to version 2.8.14 on the stable branch and version 2.9.0.beta16 on the beta and tests-passed branches, users can create posts with raw body longer than the maxlength site setting by including html comments that are not counted toward the...
CVE-2022-23549
Discourse is an option source discussion platform. Prior to version 2.8.14 on the stable branch and version 2.9.0.beta16 on the beta and tests-passed branches, users can create posts with raw body longer than the maxlength site setting by including html comments that are not counted toward the...
CVE-2022-23549 Discourse vulnerable to bypass of post max_length using HTML comments
Discourse is an option source discussion platform. Prior to version 2.8.14 on the stable branch and version 2.9.0.beta16 on the beta and tests-passed branches, users can create posts with raw body longer than the maxlength site setting by including html comments that are not counted toward the...
CVE-2022-23549 Discourse vulnerable to bypass of post max_length using HTML comments
Discourse is an option source discussion platform. Prior to version 2.8.14 on the stable branch and version 2.9.0.beta16 on the beta and tests-passed branches, users can create posts with raw body longer than the maxlength site setting by including html comments that are not counted toward the...
CVE-2022-23549
CVE-2022-23549 affects Discourse. The issue allows a post’s raw body to exceed the max_length by embedding HTML comments that are not counted toward the limit. Affected versions: prior to 2.8.14 on the stable branch and prior to 2.9.0.beta16 on the beta/tests-passed branches. Patches are availabl...