5 matches found
CVE-2023-22740
Discourse is an open source platform for community discussion. Versions prior to 3.1.0.beta1 beta tests-passed are vulnerable to Allocation of Resources Without Limits. Users can create chat drafts of an unlimited length, which can cause a denial of service by generating an excessive load on the...
GHSA-RC42-JGHF-VR8F Integer overflow in publify_core
Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10 due to an unlimited length user name field...
PT-2022-26151 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 2.9.0.beta13 Description: Discourse is an open-source discussion platform. The issue allows users to post chat messages of an unlimited length, which can cause a denial of service for other users when huge amounts ...
CVE-2019-16374
Pega Platform 8.2.1 allows LDAP injection because a username can contain a character and can be of unlimited length. An attacker can specify four characters of a username, followed by the character, to bypass access control...
Improper access control
Pega Platform 8.2.1 allows LDAP injection because a username can contain a character and can be of unlimited length. An attacker can specify four characters of a username, followed by the character, to bypass access control...