mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-05 10:17:57 +00:00
1013 B
1013 B
CVE-2023-40588
Description
Discourse is an open-source discussion platform. Prior to version 3.1.1 of the stable branch and version 3.2.0.beta1 of the beta and tests-passed branches, a malicious user could add a 2FA or security key with a carefully crafted name to their account and cause a denial of service for other users. The issue is patched in version 3.1.1 of the stable branch and version 3.2.0.beta1 of the beta and tests-passed branches. There are no known workarounds.
POC
Reference
No PoCs from references.