← Back

CVE-2023-28440

nvd nist
Published: Apr 18, 2023Modified: Nov 21, 2024

JSON object

Loading...
2.7
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Exploitability: 1.2 / Impact: 1.4
Source: NVD

Description

Discourse is an open source platform for community discussion. In affected versions a maliciously crafted request from a Discourse administrator can lead to a long-running request and eventual timeout. This has the greatest potential impact in shared hosting environments where admins are untrusted. This issue has been addressed in versions 3.0.3 and 3.1.0.beta4. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Affected (210)

Products: Discourse: Discourse
Discourse
1 product
Discourse
Configuration A
210 vulnerable
Vulnerable SoftwareAffected Versions
Discourse
Discourse
Before 3.0.3
Discourse
Version 1.1.0 beta1
Discourse
Version 1.1.0 beta2
Discourse
Version 1.1.0 beta3
Discourse
Version 1.1.0 beta4
Discourse
Version 1.1.0 beta5
Discourse
Version 1.1.0 beta6
Discourse
Version 1.1.0 beta6b
Discourse
Version 1.1.0 beta7
Discourse
Version 1.1.0 beta8
Discourse
Version 1.2.0 beta1
Discourse
Version 1.2.0 beta2
Discourse
Version 1.2.0 beta3
Discourse
Version 1.2.0 beta4
Discourse
Version 1.2.0 beta5
Discourse
Version 1.2.0 beta6
Discourse
Version 1.2.0 beta7
Discourse
Version 1.2.0 beta8
Discourse
Version 1.2.0 beta9
Discourse
Version 1.3.0 beta10
Discourse
Version 1.3.0 beta11
Discourse
Version 1.3.0 beta1
Discourse
Version 1.3.0 beta2
Discourse
Version 1.3.0 beta3
Discourse
Version 1.3.0 beta4
Discourse
Version 1.3.0 beta5
Discourse
Version 1.3.0 beta6
Discourse
Version 1.3.0 beta7
Discourse
Version 1.3.0 beta8
Discourse
Version 1.3.0 beta9
Discourse
Version 1.4.0 beta10
Discourse
Version 1.4.0 beta11
Discourse
Version 1.4.0 beta12
Discourse
Version 1.4.0 beta1
Discourse
Version 1.4.0 beta2
Discourse
Version 1.4.0 beta3
Discourse
Version 1.4.0 beta4
Discourse
Version 1.4.0 beta5
Discourse
Version 1.4.0 beta6
Discourse
Version 1.4.0 beta7
Discourse
Version 1.4.0 beta8
Discourse
Version 1.4.0 beta9
Discourse
Version 1.5.0 beta10
Discourse
Version 1.5.0 beta11
Discourse
Version 1.5.0 beta12
Discourse
Version 1.5.0 beta13
Discourse
Version 1.5.0 beta13b
Discourse
Version 1.5.0 beta14
Discourse
Version 1.5.0 beta1
Discourse
Version 1.5.0 beta2
Discourse
Version 1.5.0 beta3
Discourse
Version 1.5.0 beta4
Discourse
Version 1.5.0 beta5
Discourse
Version 1.5.0 beta6
Discourse
Version 1.5.0 beta7
Discourse
Version 1.5.0 beta8
Discourse
Version 1.5.0 beta9
Discourse
Version 1.6.0 beta10
Discourse
Version 1.6.0 beta11
Discourse
Version 1.6.0 beta12
Discourse
Version 1.6.0 beta1
Discourse
Version 1.6.0 beta2
Discourse
Version 1.6.0 beta3
Discourse
Version 1.6.0 beta4
Discourse
Version 1.6.0 beta5
Discourse
Version 1.6.0 beta6
Discourse
Version 1.6.0 beta7
Discourse
Version 1.6.0 beta8
Discourse
Version 1.6.0 beta9
Discourse
Version 1.7.0 beta10
Discourse
Version 1.7.0 beta11
Discourse
Version 1.7.0 beta1
Discourse
Version 1.7.0 beta2
Discourse
Version 1.7.0 beta3
Discourse
Version 1.7.0 beta4
Discourse
Version 1.7.0 beta5
Discourse
Version 1.7.0 beta6
Discourse
Version 1.7.0 beta7
Discourse
Version 1.7.0 beta8
Discourse
Version 1.7.0 beta9
Discourse
Version 1.8.0 beta10
Discourse
Version 1.8.0 beta11
Discourse
Version 1.8.0 beta12
Discourse
Version 1.8.0 beta13
Discourse
Version 1.8.0 beta1
Discourse
Version 1.8.0 beta2
Discourse
Version 1.8.0 beta3
Discourse
Version 1.8.0 beta4
Discourse
Version 1.8.0 beta5
Discourse
Version 1.8.0 beta6
Discourse
Version 1.8.0 beta7
Discourse
Version 1.8.0 beta8
Discourse
Version 1.8.0 beta9
Discourse
Version 1.9.0 beta10
Discourse
Version 1.9.0 beta11
Discourse
Version 1.9.0 beta12
Discourse
Version 1.9.0 beta13
Discourse
Version 1.9.0 beta14
Discourse
Version 1.9.0 beta15
Discourse
Version 1.9.0 beta16
Discourse
Version 1.9.0 beta17
Discourse
Version 1.9.0 beta1
Discourse
Version 1.9.0 beta2
Discourse
Version 1.9.0 beta3
Discourse
Version 1.9.0 beta4
Discourse
Version 1.9.0 beta5
Discourse
Version 1.9.0 beta6
Discourse
Version 1.9.0 beta7
Discourse
Version 1.9.0 beta8
Discourse
Version 1.9.0 beta9
Discourse
Version 2.0.0 beta10
Discourse
Version 2.0.0 beta1
Discourse
Version 2.0.0 beta2
Discourse
Version 2.0.0 beta3
Discourse
Version 2.0.0 beta4
Discourse
Version 2.0.0 beta5
Discourse
Version 2.0.0 beta6
Discourse
Version 2.0.0 beta7
Discourse
Version 2.0.0 beta8
Discourse
Version 2.0.0 beta9
Discourse
Version 2.1.0 beta1
Discourse
Version 2.1.0 beta2
Discourse
Version 2.1.0 beta3
Discourse
Version 2.1.0 beta4
Discourse
Version 2.1.0 beta5
Discourse
Version 2.1.0 beta6
Discourse
Version 2.2.0 beta10
Discourse
Version 2.2.0 beta1
Discourse
Version 2.2.0 beta2
Discourse
Version 2.2.0 beta3
Discourse
Version 2.2.0 beta4
Discourse
Version 2.2.0 beta5
Discourse
Version 2.2.0 beta6
Discourse
Version 2.2.0 beta7
Discourse
Version 2.2.0 beta8
Discourse
Version 2.2.0 beta9
Discourse
Version 2.3.0 beta10
Discourse
Version 2.3.0 beta11
Discourse
Version 2.3.0 beta1
Discourse
Version 2.3.0 beta2
Discourse
Version 2.3.0 beta3
Discourse
Version 2.3.0 beta4
Discourse
Version 2.3.0 beta5
Discourse
Version 2.3.0 beta6
Discourse
Version 2.3.0 beta7
Discourse
Version 2.3.0 beta8
Discourse
Version 2.3.0 beta9
Discourse
Version 2.4.0 beta10
Discourse
Version 2.4.0 beta11
Discourse
Version 2.4.0 beta1
Discourse
Version 2.4.0 beta2
Discourse
Version 2.4.0 beta3
Discourse
Version 2.4.0 beta4
Discourse
Version 2.4.0 beta5
Discourse
Version 2.4.0 beta6
Discourse
Version 2.4.0 beta7
Discourse
Version 2.4.0 beta8
Discourse
Version 2.4.0 beta9
Discourse
Version 2.5.0 beta1
Discourse
Version 2.5.0 beta2
Discourse
Version 2.5.0 beta3
Discourse
Version 2.5.0 beta4
Discourse
Version 2.5.0 beta5
Discourse
Version 2.5.0 beta6
Discourse
Version 2.5.0 beta7
Discourse
Version 2.6.0 beta1
Discourse
Version 2.6.0 beta2
Discourse
Version 2.6.0 beta3
Discourse
Version 2.6.0 beta4
Discourse
Version 2.6.0 beta5
Discourse
Version 2.6.0 beta6
Discourse
Version 2.7.0 beta1
Discourse
Version 2.7.0 beta2
Discourse
Version 2.7.0 beta3
Discourse
Version 2.7.0 beta4
Discourse
Version 2.7.0 beta5
Discourse
Version 2.7.0 beta6
Discourse
Version 2.7.0 beta7
Discourse
Version 2.7.0 beta8
Discourse
Version 2.7.0 beta9
Discourse
Version 2.8.0 beta10
Discourse
Version 2.8.0 beta11
Discourse
Version 2.8.0 beta1
Discourse
Version 2.8.0 beta2
Discourse
Version 2.8.0 beta3
Discourse
Version 2.8.0 beta4
Discourse
Version 2.8.0 beta5
Discourse
Version 2.8.0 beta6
Discourse
Version 2.8.0 beta7
Discourse
Version 2.8.0 beta8
Discourse
Version 2.8.0 beta9
Discourse
Version 2.9.0 beta10
Discourse
Version 2.9.0 beta11
Discourse
Version 2.9.0 beta12
Discourse
Version 2.9.0 beta13
Discourse
Version 2.9.0 beta14
Discourse
Version 2.9.0 beta1
Discourse
Version 2.9.0 beta2
Discourse
Version 2.9.0 beta3
Discourse
Version 2.9.0 beta4
Discourse
Version 2.9.0 beta5
Discourse
Version 2.9.0 beta6
Discourse
Version 2.9.0 beta7
Discourse
Version 2.9.0 beta8
Discourse
Version 2.9.0 beta9
Discourse
Version 3.0.0 beta15
Discourse
Version 3.0.0 beta16
Discourse
Version 3.1.0 beta1
Discourse
Version 3.1.0 beta2
Discourse
Version 3.1.0 beta3

Related CWEs

CWE-400
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (2)

Source: security-advisories@github.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.