Description
Discourse is an open source discussion platform. When editing a topic, there is a vulnerability that enables a user to bypass the topic title validations for things like title length, number of emojis in title and blank topic titles. The issue is patched in the latest stable, beta and tests-passed version of Discourse.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| discourse | discourse | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2023-40426 | Discourse is an open source discussion platform. When editing a topic, there is a vulnerability that enables a user to bypass the topic title validations for things like title length, number of emojis in title and blank topic titles. The issue is patched in the latest stable, beta and tests-passed version of Discourse. |
References
History
Tue, 22 Oct 2024 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2024-10-22T13:58:48.183Z
Reserved: 2023-06-21T18:50:41.700Z
Link: CVE-2023-36466
Vulnrichment
Updated: 2024-08-02T16:45:56.979Z
NVD
Status : Modified
Published: 2023-07-14T22:15:09.170
Modified: 2024-11-21T08:09:46.173
Link: CVE-2023-36466
Redhat
No data.
OpenCVE Enrichment
No data.