First published: Fri Nov 10 2023(Updated: )
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, if a user has been quoted and uses a `|` in their full name, they might be able to trigger a bug that generates a lot of duplicate content in all the posts they've been quoted by updating their full name again. Version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches contain a patch for this issue. No known workaround exists, although one can stop the "bleeding" by ensuring users only use alphanumeric characters in their full name field.
Credit: security-advisories@github.com
Affected Software | Affected Version | How to fix |
---|---|---|
<3.1.3 | ||
<3.2.0 | ||
=3.2.0-beta1 | ||
=3.2.0-beta2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Discourse vulnerability is CVE-2023-45806.
The title of this Discourse vulnerability is 'Discourse vulnerable to DoS via Regexp Injection in Full Name'.
The severity of CVE-2023-45806 is medium with a CVSS score of 5.4.
Versions up to and excluding 3.1.3 in the 'stable' branch and versions up to and excluding 3.2.0 in the 'beta' and 'tests-passed' branches are affected.
To fix this vulnerability, update to version 3.1.3 in the 'stable' branch or version 3.2.0.beta3 in the 'beta' and 'tests-passed' branches of Discourse.