CVE-2023-36466

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Jul 14, 2023

Updated: Jul 27, 2023

CWE ID 287

CWE ID 20

Summary

CVE-2023-36466 is a vulnerability affecting Discourse, an open-source discussion platform. This issue allows users to bypass title validations during topic editing, enabling them to use excessive length titles, an excessive number of emojis, or even blank titles. This vulnerability has been addressed in the latest stable, beta, and tests-passed versions of Discourse.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Discourse

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r_qqVq
https://www.cve.org/CVERecord?id=CVE-2023-36466
https://nvd.nist.gov/vuln/detail/CVE-2023-36466

Back to Vulnerability Database

CVE-2023-36466

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations