3 matches found
CVE-2023-47121 Discourse SSRF vulnerability in Embedding
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, the embedding feature is susceptible to server side request forgery. The issue is patched in version 3.1.3 of the stable branch...
CVE-2023-47121
CVE-2023-47121 affects Discourse prior to 3.1.3 (stable) and 3.2.0.beta3 (beta/tests-passed) where the Embedding feature enables server-side request forgery (SSRF). The root cause is a vulnerable embedding workflow that can be triggered remotely, allowing SSRF conditions. The issue is fixed in Di...
CVE-2023-47121 Discourse SSRF vulnerability in Embedding
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, the embedding feature is susceptible to server side request forgery. The issue is patched in version 3.1.3 of the stable branch...