CVE-2023-26040

Discourse is an open-source discussion platform. Between versions 3.1.0.beta2 and 3.1.0.beta3 of the tests-passed branch, editing or responding to a chat message containing malicious content could lead to a cross-site scripting attack. This issue is patched in version 3.1.0.beta3 of the...

BIT-DISCOURSE-2023-26040

Discourse is an open-source discussion platform. Between versions 3.1.0.beta2 and 3.1.0.beta3 of the tests-passed branch, editing or responding to a chat message containing malicious content could lead to a cross-site scripting attack. This issue is patched in version 3.1.0.beta3 of the...

BIT-DISCOURSE-2023-28107 Discourse vulnerable to multisite DoS by spamming backups

Discourse is an open-source discussion platform. Prior to version 3.0.2 of the stable branch and version 3.1.0.beta3 of the beta and tests-passed branches, a user logged as an administrator can request backups multiple times, which will eat up all the connections to the DB. If this is done on a...

BIT-DISCOURSE-2023-28111 Discourse vulnerable to SSRF protection bypass possible with IPv4-mapped IPv6 addresses

Discourse is an open-source discussion platform. Prior to version 3.1.0.beta3 of the beta and tests-passed branches, attackers are able to bypass Discourse's server-side request forgery SSRF protection for private IPv4 addresses by using a IPv4-mapped IPv6 address. The issue is patched in the...

BIT-DISCOURSE-2023-28112 Discourse's SSRF protection missing for some FastImage requests

Discourse is an open-source discussion platform. Prior to version 3.1.0, some user provided URLs were being passed to FastImage without SSRF protection. Insufficient protections could enable attackers to trigger outbound network connections from the Discourse server to private IP addresses. This...

Design/Logic Flaw

Discourse is an open-source discussion platform. Prior to version 3.1.0.beta3 of the beta and tests-passed branches, some user provided URLs were being passed to FastImage without SSRF protection. Insufficient protections could enable attackers to trigger outbound network connections from the...

CVE-2023-28107

Discourse is an open-source discussion platform. Prior to version 3.0.2 of the stable branch and version 3.1.0.beta3 of the beta and tests-passed branches, a user logged as an administrator can request backups multiple times, which will eat up all the connections to the DB. If this is done on a...

CVE-2023-28111

CVE-2023-28111 concerns Discourse prior to 3.1.0.beta3 (beta and tests-passed branches), where an attacker can bypass the platform’s SSRF protections for private IPv4 addresses by using an IPv4-mapped IPv6 address. The root cause is a weakness in SSRF filtering that permits IPv4-mapped IPv6 repre...

CVE-2023-28111 Discourse vulnerable to SSRF protection bypass possible with IPv4-mapped IPv6 addresses

Discourse is an open-source discussion platform. Prior to version 3.1.0.beta3 of the beta and tests-passed branches, attackers are able to bypass Discourse's server-side request forgery SSRF protection for private IPv4 addresses by using a IPv4-mapped IPv6 address. The issue is patched in the...

CVE-2023-28111 Discourse vulnerable to SSRF protection bypass possible with IPv4-mapped IPv6 addresses

Discourse is an open-source discussion platform. Prior to version 3.1.0.beta3 of the beta and tests-passed branches, attackers are able to bypass Discourse's server-side request forgery SSRF protection for private IPv4 addresses by using a IPv4-mapped IPv6 address. The issue is patched in the...

Cross site scripting

Discourse is an open-source discussion platform. Between versions 3.1.0.beta2 and 3.1.0.beta3 of the tests-passed branch, editing or responding to a chat message containing malicious content could lead to a cross-site scripting attack. This issue is patched in version 3.1.0.beta3 of the...

CVE-2023-26040

Discourse (open-source discussion platform) vulnerable in the tests-passed branch between versions 3.1.0.beta2 and 3.1.0.beta3, where editing or replying to a chat message containing malicious content could lead to cross-site scripting (XSS). The issue is patched in version 3.1.0.beta3 of the tes...

CVE-2023-26040 Discourse chat messages susceptible to Cross-site Scripting through chat excerpts

Discourse is an open-source discussion platform. Between versions 3.1.0.beta2 and 3.1.0.beta3 of the tests-passed branch, editing or responding to a chat message containing malicious content could lead to a cross-site scripting attack. This issue is patched in version 3.1.0.beta3 of the...