Discourse is an open source discussion platform. In affected versions a request to create or update custom sidebar section can cause a denial of service. This issue has been patched in commit `52b003d915`. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
Configurations
History
27 Jul 2023, 04:04
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/discourse/discourse/security/advisories/GHSA-gxqx-3q2p-37gm - Vendor Advisory | |
References | (MISC) https://github.com/discourse/discourse/commit/52b003d915761f1581ae2d105f3cbe76df7bf1ff - Patch | |
CWE | NVD-CWE-noinfo | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CPE | cpe:2.3:a:discourse:discourse:3.1.0:beta5:*:*:beta:*:*:* |
14 Jul 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-14 22:15
Updated : 2024-02-05 00:01
NVD link : CVE-2023-36818
Mitre link : CVE-2023-36818
CVE.ORG link : CVE-2023-36818
JSON object : View
Products Affected
discourse
- discourse
CWE