
Discourse 3.1.x < 3.1.0.beta1 DoS Vulnerability CVE-2023-22740

Severity
CVSSv3 Score: 6.5
Vulnerability description

Discourse is prone to a denial of service (DoS) vulnerability.

Risk description

Users can create chat drafts of unlimited length, which can cause a denial of service by generating excessive load on the server. Additionally, an unlimited number of drafts were loaded when loading the user.

Recommendation

Update to version 3.1.0.beta1 or later.

Codename: Not available
Detectable with: Network Scanner
Scan engine: OpenVAS
Exploitable with Sniper: No
CVE Published: Jan 27, 2023
Detection added at:
Software Type: Not available
Vendor: Not available
Product: Not available