Lucene search
+L

4 matches found

Vulnrichment
Vulnrichment
added 2023/11/10 2:43 p.m.25 views

CVE-2023-45806 Discourse vulnerable to DoS via Regexp Injection in Full Name

Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, if a user has been quoted and uses a | in their full name, they might be able to trigger a bug that generates a lot of duplicat...

4.3CVSS6.9AI score0.00999EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/11/10 2:43 p.m.27 views

CVE-2023-45806 Discourse vulnerable to DoS via Regexp Injection in Full Name

Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, if a user has been quoted and uses a | in their full name, they might be able to trigger a bug that generates a lot of duplicat...

4.3CVSS6AI score0.00999EPSS
Exploits0References3
CVE
CVE
added 2023/11/10 2:43 p.m.80 views

CVE-2023-45806

Discourse is affected by CVE-2023-45806. Before versions 3.1.3 (stable) and 3.2.0.beta3 (beta/tests-passed), if a quoted user has a full name containing a ‘|’, updating the name can trigger a bug that generates a large amount of duplicate content across posts that mention the user. The issue is f...

5.4CVSS4.7AI score0.00999EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/11/10 2:43 p.m.23 views

CVE-2023-45806 Discourse vulnerable to DoS via Regexp Injection in Full Name

Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, if a user has been quoted and uses a | in their full name, they might be able to trigger a bug that generates a lot of duplicat...

4.3CVSS5.4AI score0.00999EPSS
Exploits0References5
Rows per page
Query Builder