3 matches found
CVE-2023-28107
Discourse is an open-source discussion platform. Prior to version 3.0.2 of the stable branch and version 3.1.0.beta3 of the beta and tests-passed branches, a user logged as an administrator can request backups multiple times, which will eat up all the connections to the DB. If this is done on a...
Discourse < 3.0.2 Multiple Vulnerabilities
Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...
CVE-2023-28107
CVE-2023-28107 affects Discourse. Prior to Discourse 3.0.2 (stable) and 3.1.0.beta3 (beta/tests-passed), an administrator could trigger repeated backup requests, exhausting DB connections and potentially impacting multisite clusters. Patches are available in 3.0.2 (stable) and 3.1.0.beta3 (beta/t...