5 matches found
Discourse < 3.4.4 Multiple Vulnerabilities
Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...
CVE-2025-48053
Discourse is an open-source discussion platform. Prior to version 3.4.4 of the stable branch, version 3.5.0.beta5 of the beta branch, and version 3.5.0.beta6-dev of the tests-passed branch, sending a malicious URL in a PM to a bot user can cause a reduced the availability of a Discourse instance...
CVE-2025-48053 Discourse vulnerable to DoS via large URL payload in PM to a bot
Discourse is an open-source discussion platform. Prior to version 3.4.4 of the stable branch, version 3.5.0.beta5 of the beta branch, and version 3.5.0.beta6-dev of the tests-passed branch, sending a malicious URL in a PM to a bot user can cause a reduced the availability of a Discourse instance...
CVE-2025-48053 Discourse vulnerable to DoS via large URL payload in PM to a bot
Discourse is an open-source discussion platform. Prior to version 3.4.4 of the stable branch, version 3.5.0.beta5 of the beta branch, and version 3.5.0.beta6-dev of the tests-passed branch, sending a malicious URL in a PM to a bot user can cause a reduced the availability of a Discourse instance...
CVE-2025-48053
CVE-2025-48053 affects Discourse: before patch versions, sending a malicious URL in a PM to a bot can reduce availability of a Discourse instance (DoS). Patched in stable 3.4.4, beta 3.5.0.beta5, and tests-passed 3.5.0.beta6-dev. No workarounds documented. CVSS metrics from NVD indicate high impa...