4 matches found
CVE-2023-45806 Discourse vulnerable to DoS via Regexp Injection in Full Name
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, if a user has been quoted and uses a | in their full name, they might be able to trigger a bug that generates a lot of duplicat...
CVE-2023-45806 Discourse vulnerable to DoS via Regexp Injection in Full Name
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, if a user has been quoted and uses a | in their full name, they might be able to trigger a bug that generates a lot of duplicat...
CVE-2023-45806
Discourse is affected by CVE-2023-45806. Before versions 3.1.3 (stable) and 3.2.0.beta3 (beta/tests-passed), if a quoted user has a full name containing a ‘|’, updating the name can trigger a bug that generates a large amount of duplicate content across posts that mention the user. The issue is f...
CVE-2023-45806 Discourse vulnerable to DoS via Regexp Injection in Full Name
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, if a user has been quoted and uses a | in their full name, they might be able to trigger a bug that generates a lot of duplicat...