5 matches found
CVE-2023-30606
Discourse is an open source platform for community discussion. In affected versions a user logged as an administrator can call arbitrary methods on the SiteSetting class, notably clearcache! and notifychanged!, which when done on a multisite instance, can affect the entire cluster resulting in a...
CVE-2023-30606
Discourse is an open source platform for community discussion. In affected versions a user logged as an administrator can call arbitrary methods on the SiteSetting class, notably clearcache! and notifychanged!, which when done on a multisite instance, can affect the entire cluster resulting in a...
CVE-2023-30606 Multisite denial of service through unsanitized dynamic dispatch to SiteSetting in Discourse
Discourse is an open source platform for community discussion. In affected versions a user logged as an administrator can call arbitrary methods on the SiteSetting class, notably clearcache! and notifychanged!, which when done on a multisite instance, can affect the entire cluster resulting in a...
CVE-2023-30606
CVE-2023-30606 affects Discourse where an administrator can call arbitrary methods on SiteSetting (notably clear_cache! and notify_changed!) in multisite deployments, potentially affecting the entire cluster and causing denial of service. Affected versions are mitigated by upgrading to the latest...
Discourse < 3.0.2 Multiple Vulnerabilities
Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...