Lucene search
+L

5 matches found

OpenVAS
OpenVAS
added 2025/06/10 12:0 a.m.4 views

Discourse < 3.4.4 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...

9.8CVSS7.5AI score0.00348EPSS
Exploits0References3
NVD
NVD
added 2025/06/09 1:15 p.m.12 views

CVE-2025-48053

Discourse is an open-source discussion platform. Prior to version 3.4.4 of the stable branch, version 3.5.0.beta5 of the beta branch, and version 3.5.0.beta6-dev of the tests-passed branch, sending a malicious URL in a PM to a bot user can cause a reduced the availability of a Discourse instance...

8.7CVSS0.00315EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/09 12:30 p.m.15 views

CVE-2025-48053 Discourse vulnerable to DoS via large URL payload in PM to a bot

Discourse is an open-source discussion platform. Prior to version 3.4.4 of the stable branch, version 3.5.0.beta5 of the beta branch, and version 3.5.0.beta6-dev of the tests-passed branch, sending a malicious URL in a PM to a bot user can cause a reduced the availability of a Discourse instance...

8.7CVSS6.5AI score0.00315EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/09 12:30 p.m.16 views

CVE-2025-48053 Discourse vulnerable to DoS via large URL payload in PM to a bot

Discourse is an open-source discussion platform. Prior to version 3.4.4 of the stable branch, version 3.5.0.beta5 of the beta branch, and version 3.5.0.beta6-dev of the tests-passed branch, sending a malicious URL in a PM to a bot user can cause a reduced the availability of a Discourse instance...

8.7CVSS0.00315EPSS
Exploits0References1
CVE
CVE
added 2025/06/09 12:30 p.m.63 views

CVE-2025-48053

CVE-2025-48053 affects Discourse: before patch versions, sending a malicious URL in a PM to a bot can reduce availability of a Discourse instance (DoS). Patched in stable 3.4.4, beta 3.5.0.beta5, and tests-passed 3.5.0.beta6-dev. No workarounds documented. CVSS metrics from NVD indicate high impa...

8.7CVSS6.4AI score0.00315EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder