Discourse 3.1.x < 3.1.3, 3.2.x < 3.2.0.beta3 DoS Vulnerability CVE-2023-45131

Severity
CVSSv3 Score: 7.5
Vulnerability description

Discourse is prone to a denial of service (DoS) vulnerability.

Risk description

Redis memory can be depleted by crafting a site with an abnormally long favicon URL and drafting multiple posts which Onebox it.

Recommendation

Update to version 3.1.3, 3.2.0.beta3 or later.

Codename: Not available
Detectable with: Network Scanner
Scan engine: OpenVAS
Exploitable with Sniper: No
CVE Published: Oct 16, 2023
Detection added at:
Software Type: Not available
Vendor: Not available
Product: Not available