CVE-2023-23615
Published: Feb 3, 2023
Modified: Nov 21, 2024
CVSS base score: 5.3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD
Description
Discourse is an open source discussion platform. The embeddable comments can be exploited to create new topics as any user but without any clear title or content. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. As a workaround, disable embeddable comments by deleting all embeddable hosts.
Affected (208)
Configuration B (207 vulnerable)
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.0 beta1 | |
| Version 1.1.0 beta2 | |
| Version 1.1.0 beta3 | |
| Version 1.1.0 beta4 | |
| Version 1.1.0 beta5 | |
| Version 1.1.0 beta6 | |
| Version 1.1.0 beta6b | |
| Version 1.1.0 beta7 | |
| Version 1.1.0 beta8 | |
| Version 1.2.0 beta1 | |
| Version 1.2.0 beta2 | |
| Version 1.2.0 beta3 | |
| Version 1.2.0 beta4 | |
| Version 1.2.0 beta5 | |
| Version 1.2.0 beta6 | |
| Version 1.2.0 beta7 | |
| Version 1.2.0 beta8 | |
| Version 1.2.0 beta9 | |
| Version 1.3.0 beta10 | |
| Version 1.3.0 beta11 | |
| Version 1.3.0 beta1 | |
| Version 1.3.0 beta2 | |
| Version 1.3.0 beta3 | |
| Version 1.3.0 beta4 | |
| Version 1.3.0 beta5 | |
| Version 1.3.0 beta6 | |
| Version 1.3.0 beta7 | |
| Version 1.3.0 beta8 | |
| Version 1.3.0 beta9 | |
| Version 1.4.0 beta10 | |
| Version 1.4.0 beta11 | |
| Version 1.4.0 beta12 | |
| Version 1.4.0 beta1 | |
| Version 1.4.0 beta2 | |
| Version 1.4.0 beta3 | |
| Version 1.4.0 beta4 | |
| Version 1.4.0 beta5 | |
| Version 1.4.0 beta6 | |
| Version 1.4.0 beta7 | |
| Version 1.4.0 beta8 | |
| Version 1.4.0 beta9 | |
| Version 1.5.0 beta10 | |
| Version 1.5.0 beta11 | |
| Version 1.5.0 beta12 | |
| Version 1.5.0 beta13 | |
| Version 1.5.0 beta13b | |
| Version 1.5.0 beta14 | |
| Version 1.5.0 beta1 | |
| Version 1.5.0 beta2 | |
| Version 1.5.0 beta3 | |
| Version 1.5.0 beta4 | |
| Version 1.5.0 beta5 | |
| Version 1.5.0 beta6 | |
| Version 1.5.0 beta7 | |
| Version 1.5.0 beta8 | |
| Version 1.5.0 beta9 | |
| Version 1.6.0 beta10 | |
| Version 1.6.0 beta11 | |
| Version 1.6.0 beta12 | |
| Version 1.6.0 beta1 | |
| Version 1.6.0 beta2 | |
| Version 1.6.0 beta3 | |
| Version 1.6.0 beta4 | |
| Version 1.6.0 beta5 | |
| Version 1.6.0 beta6 | |
| Version 1.6.0 beta7 | |
| Version 1.6.0 beta8 | |
| Version 1.6.0 beta9 | |
| Version 1.7.0 beta10 | |
| Version 1.7.0 beta11 | |
| Version 1.7.0 beta1 | |
| Version 1.7.0 beta2 | |
| Version 1.7.0 beta3 | |
| Version 1.7.0 beta4 | |
| Version 1.7.0 beta5 | |
| Version 1.7.0 beta6 | |
| Version 1.7.0 beta7 | |
| Version 1.7.0 beta8 | |
| Version 1.7.0 beta9 | |
| Version 1.8.0 beta10 | |
| Version 1.8.0 beta11 | |
| Version 1.8.0 beta12 | |
| Version 1.8.0 beta13 | |
| Version 1.8.0 beta1 | |
| Version 1.8.0 beta2 | |
| Version 1.8.0 beta3 | |
| Version 1.8.0 beta4 | |
| Version 1.8.0 beta5 | |
| Version 1.8.0 beta6 | |
| Version 1.8.0 beta7 | |
| Version 1.8.0 beta8 | |
| Version 1.8.0 beta9 | |
| Version 1.9.0 beta10 | |
| Version 1.9.0 beta11 | |
| Version 1.9.0 beta12 | |
| Version 1.9.0 beta13 | |
| Version 1.9.0 beta14 | |
| Version 1.9.0 beta15 | |
| Version 1.9.0 beta16 | |
| Version 1.9.0 beta17 | |
| Version 1.9.0 beta1 | |
| Version 1.9.0 beta2 | |
| Version 1.9.0 beta3 | |
| Version 1.9.0 beta4 | |
| Version 1.9.0 beta5 | |
| Version 1.9.0 beta6 | |
| Version 1.9.0 beta7 | |
| Version 1.9.0 beta8 | |
| Version 1.9.0 beta9 | |
| Version 2.0.0 beta10 | |
| Version 2.0.0 beta1 | |
| Version 2.0.0 beta2 | |
| Version 2.0.0 beta3 | |
| Version 2.0.0 beta4 | |
| Version 2.0.0 beta5 | |
| Version 2.0.0 beta6 | |
| Version 2.0.0 beta7 | |
| Version 2.0.0 beta8 | |
| Version 2.0.0 beta9 | |
| Version 2.1.0 beta1 | |
| Version 2.1.0 beta2 | |
| Version 2.1.0 beta3 | |
| Version 2.1.0 beta4 | |
| Version 2.1.0 beta5 | |
| Version 2.1.0 beta6 | |
| Version 2.2.0 beta10 | |
| Version 2.2.0 beta1 | |
| Version 2.2.0 beta2 | |
| Version 2.2.0 beta3 | |
| Version 2.2.0 beta4 | |
| Version 2.2.0 beta5 | |
| Version 2.2.0 beta6 | |
| Version 2.2.0 beta7 | |
| Version 2.2.0 beta8 | |
| Version 2.2.0 beta9 | |
| Version 2.3.0 beta10 | |
| Version 2.3.0 beta11 | |
| Version 2.3.0 beta1 | |
| Version 2.3.0 beta2 | |
| Version 2.3.0 beta3 | |
| Version 2.3.0 beta4 | |
| Version 2.3.0 beta5 | |
| Version 2.3.0 beta6 | |
| Version 2.3.0 beta7 | |
| Version 2.3.0 beta8 | |
| Version 2.3.0 beta9 | |
| Version 2.4.0 beta10 | |
| Version 2.4.0 beta11 | |
| Version 2.4.0 beta1 | |
| Version 2.4.0 beta2 | |
| Version 2.4.0 beta3 | |
| Version 2.4.0 beta4 | |
| Version 2.4.0 beta5 | |
| Version 2.4.0 beta6 | |
| Version 2.4.0 beta7 | |
| Version 2.4.0 beta8 | |
| Version 2.4.0 beta9 | |
| Version 2.5.0 beta1 | |
| Version 2.5.0 beta2 | |
| Version 2.5.0 beta3 | |
| Version 2.5.0 beta4 | |
| Version 2.5.0 beta5 | |
| Version 2.5.0 beta6 | |
| Version 2.5.0 beta7 | |
| Version 2.6.0 beta1 | |
| Version 2.6.0 beta2 | |
| Version 2.6.0 beta3 | |
| Version 2.6.0 beta4 | |
| Version 2.6.0 beta5 | |
| Version 2.6.0 beta6 | |
| Version 2.7.0 beta1 | |
| Version 2.7.0 beta2 | |
| Version 2.7.0 beta3 | |
| Version 2.7.0 beta4 | |
| Version 2.7.0 beta5 | |
| Version 2.7.0 beta6 | |
| Version 2.7.0 beta7 | |
| Version 2.7.0 beta8 | |
| Version 2.7.0 beta9 | |
| Version 2.8.0 beta10 | |
| Version 2.8.0 beta11 | |
| Version 2.8.0 beta1 | |
| Version 2.8.0 beta2 | |
| Version 2.8.0 beta3 | |
| Version 2.8.0 beta4 | |
| Version 2.8.0 beta5 | |
| Version 2.8.0 beta6 | |
| Version 2.8.0 beta7 | |
| Version 2.8.0 beta8 | |
| Version 2.8.0 beta9 | |
| Version 2.9.0 beta10 | |
| Version 2.9.0 beta11 | |
| Version 2.9.0 beta12 | |
| Version 2.9.0 beta13 | |
| Version 2.9.0 beta14 | |
| Version 2.9.0 beta1 | |
| Version 2.9.0 beta2 | |
| Version 2.9.0 beta3 | |
| Version 2.9.0 beta4 | |
| Version 2.9.0 beta5 | |
| Version 2.9.0 beta6 | |
| Version 2.9.0 beta7 | |
| Version 2.9.0 beta8 | |
| Version 2.9.0 beta9 | |
| Version 3.0.0 beta15 | |
| Version 3.0.0 beta16 | |
| Version 3.1.0 beta1 | |
References (2)
Source: security-advisories@github.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory