Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/05/23 3:48 a.m.8 views

CVE-2023-32061

Discourse is an open source discussion platform. Prior to version 3.0.4 of the stable branch and version 3.1.0.beta5 of the beta and tests-passed branches, the lack of restrictions on the iFrame tag makes it easy for an attacker to exploit the vulnerability and hide subsequent comments from other...

5.4CVSS6.6AI score0.00359EPSS
Exploits0References1
openvas
openvas
added 2023/06/15 12:0 a.m.18 views

Discourse 3.1.x < 3.1.0.beta5 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescriptio...

5.4CVSS4.9AI score0.00399EPSS
Exploits0References3
openvas
openvas
added 2023/06/15 12:0 a.m.21 views

Discourse < 3.0.4 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescriptio...

5.4CVSS5.1AI score0.00423EPSS
Exploits0References4
cve
cve
added 2023/06/13 9:16 p.m.57 views

CVE-2023-32061

Discourse prior to v3.0.4 (stable) and v3.1.0.beta5 (beta/tests-passed) is vulnerable to iframe tag restriction bypass, allowing an attacker to hide subsequent comments. Root cause: lack of restrictions on the iframe tag in topic creation. Patched in v3.0.4 (stable) and v3.1.0.beta5 (beta/tests-p...

5.4CVSS5.1AI score0.00359EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2023/06/13 9:16 p.m.10 views

CVE-2023-32061 Discourse Topic Creation Page Allows iFrame Tag without Restrictions

Discourse is an open source discussion platform. Prior to version 3.0.4 of the stable branch and version 3.1.0.beta5 of the beta and tests-passed branches, the lack of restrictions on the iFrame tag makes it easy for an attacker to exploit the vulnerability and hide subsequent comments from other...

5.4CVSS6.9AI score0.00359EPSS
Exploits0References1
Rows per page
Query Builder