CVE-2023-23615

EPSS 0.24%
Veröffentlicht 03.02.2023 22:15:12
Zuletzt bearbeitet 21.11.2024 07:46:32
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Discourse is an open source discussion platform. The embeddable comments can be exploited to create new topics as any user but without any clear title or content. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. As a workaround, disable embeddable comments by deleting all embeddable hosts.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Discourse ≫ Discourse SwEditionstable Version <= 3.0.0

Discourse ≫ Discourse Version1.1.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version1.1.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version1.1.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version1.1.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version1.1.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version1.1.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version1.1.0 Updatebeta6b SwEditionbeta

Discourse ≫ Discourse Version1.1.0 Updatebeta7 SwEditionbeta

Discourse ≫ Discourse Version1.1.0 Updatebeta8 SwEditionbeta

Discourse ≫ Discourse Version1.2.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version1.2.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version1.2.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version1.2.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version1.2.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version1.2.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version1.2.0 Updatebeta7 SwEditionbeta

Discourse ≫ Discourse Version1.2.0 Updatebeta8 SwEditionbeta

Discourse ≫ Discourse Version1.2.0 Updatebeta9 SwEditionbeta

Discourse ≫ Discourse Version1.3.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version1.3.0 Updatebeta10 SwEditionbeta

Discourse ≫ Discourse Version1.3.0 Updatebeta11 SwEditionbeta

Discourse ≫ Discourse Version1.3.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version1.3.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version1.3.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version1.3.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version1.3.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version1.3.0 Updatebeta7 SwEditionbeta

Discourse ≫ Discourse Version1.3.0 Updatebeta8 SwEditionbeta

Discourse ≫ Discourse Version1.3.0 Updatebeta9 SwEditionbeta

Discourse ≫ Discourse Version1.4.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version1.4.0 Updatebeta10 SwEditionbeta

Discourse ≫ Discourse Version1.4.0 Updatebeta11 SwEditionbeta

Discourse ≫ Discourse Version1.4.0 Updatebeta12 SwEditionbeta

Discourse ≫ Discourse Version1.4.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version1.4.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version1.4.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version1.4.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version1.4.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version1.4.0 Updatebeta7 SwEditionbeta

Discourse ≫ Discourse Version1.4.0 Updatebeta8 SwEditionbeta

Discourse ≫ Discourse Version1.4.0 Updatebeta9 SwEditionbeta

Discourse ≫ Discourse Version1.5.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version1.5.0 Updatebeta10 SwEditionbeta

Discourse ≫ Discourse Version1.5.0 Updatebeta11 SwEditionbeta

Discourse ≫ Discourse Version1.5.0 Updatebeta12 SwEditionbeta

Discourse ≫ Discourse Version1.5.0 Updatebeta13 SwEditionbeta

Discourse ≫ Discourse Version1.5.0 Updatebeta13b SwEditionbeta

Discourse ≫ Discourse Version1.5.0 Updatebeta14 SwEditionbeta

Discourse ≫ Discourse Version1.5.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version1.5.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version1.5.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version1.5.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version1.5.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version1.5.0 Updatebeta7 SwEditionbeta

Discourse ≫ Discourse Version1.5.0 Updatebeta8 SwEditionbeta

Discourse ≫ Discourse Version1.5.0 Updatebeta9 SwEditionbeta

Discourse ≫ Discourse Version1.6.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version1.6.0 Updatebeta10 SwEditionbeta

Discourse ≫ Discourse Version1.6.0 Updatebeta11 SwEditionbeta

Discourse ≫ Discourse Version1.6.0 Updatebeta12 SwEditionbeta

Discourse ≫ Discourse Version1.6.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version1.6.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version1.6.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version1.6.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version1.6.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version1.6.0 Updatebeta7 SwEditionbeta

Discourse ≫ Discourse Version1.6.0 Updatebeta8 SwEditionbeta

Discourse ≫ Discourse Version1.6.0 Updatebeta9 SwEditionbeta

Discourse ≫ Discourse Version1.7.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version1.7.0 Updatebeta10 SwEditionbeta

Discourse ≫ Discourse Version1.7.0 Updatebeta11 SwEditionbeta

Discourse ≫ Discourse Version1.7.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version1.7.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version1.7.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version1.7.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version1.7.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version1.7.0 Updatebeta7 SwEditionbeta

Discourse ≫ Discourse Version1.7.0 Updatebeta8 SwEditionbeta

Discourse ≫ Discourse Version1.7.0 Updatebeta9 SwEditionbeta

Discourse ≫ Discourse Version1.8.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version1.8.0 Updatebeta10 SwEditionbeta

Discourse ≫ Discourse Version1.8.0 Updatebeta11 SwEditionbeta

Discourse ≫ Discourse Version1.8.0 Updatebeta12 SwEditionbeta

Discourse ≫ Discourse Version1.8.0 Updatebeta13 SwEditionbeta

Discourse ≫ Discourse Version1.8.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version1.8.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version1.8.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version1.8.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version1.8.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version1.8.0 Updatebeta7 SwEditionbeta

Discourse ≫ Discourse Version1.8.0 Updatebeta8 SwEditionbeta

Discourse ≫ Discourse Version1.8.0 Updatebeta9 SwEditionbeta

Discourse ≫ Discourse Version1.9.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version1.9.0 Updatebeta10 SwEditionbeta

Discourse ≫ Discourse Version1.9.0 Updatebeta11 SwEditionbeta

Discourse ≫ Discourse Version1.9.0 Updatebeta12 SwEditionbeta

Discourse ≫ Discourse Version1.9.0 Updatebeta13 SwEditionbeta

Discourse ≫ Discourse Version1.9.0 Updatebeta14 SwEditionbeta

Discourse ≫ Discourse Version1.9.0 Updatebeta15 SwEditionbeta

Discourse ≫ Discourse Version1.9.0 Updatebeta16 SwEditionbeta

Discourse ≫ Discourse Version1.9.0 Updatebeta17 SwEditionbeta

Discourse ≫ Discourse Version1.9.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version1.9.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version1.9.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version1.9.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version1.9.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version1.9.0 Updatebeta7 SwEditionbeta

Discourse ≫ Discourse Version1.9.0 Updatebeta8 SwEditionbeta

Discourse ≫ Discourse Version1.9.0 Updatebeta9 SwEditionbeta

Discourse ≫ Discourse Version2.0.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version2.0.0 Updatebeta10 SwEditionbeta

Discourse ≫ Discourse Version2.0.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version2.0.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version2.0.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version2.0.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version2.0.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version2.0.0 Updatebeta7 SwEditionbeta

Discourse ≫ Discourse Version2.0.0 Updatebeta8 SwEditionbeta

Discourse ≫ Discourse Version2.0.0 Updatebeta9 SwEditionbeta

Discourse ≫ Discourse Version2.1.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version2.1.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version2.1.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version2.1.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version2.1.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version2.1.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version2.2.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version2.2.0 Updatebeta10 SwEditionbeta

Discourse ≫ Discourse Version2.2.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version2.2.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version2.2.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version2.2.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version2.2.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version2.2.0 Updatebeta7 SwEditionbeta

Discourse ≫ Discourse Version2.2.0 Updatebeta8 SwEditionbeta

Discourse ≫ Discourse Version2.2.0 Updatebeta9 SwEditionbeta

Discourse ≫ Discourse Version2.3.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version2.3.0 Updatebeta10 SwEditionbeta

Discourse ≫ Discourse Version2.3.0 Updatebeta11 SwEditionbeta

Discourse ≫ Discourse Version2.3.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version2.3.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version2.3.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version2.3.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version2.3.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version2.3.0 Updatebeta7 SwEditionbeta

Discourse ≫ Discourse Version2.3.0 Updatebeta8 SwEditionbeta

Discourse ≫ Discourse Version2.3.0 Updatebeta9 SwEditionbeta

Discourse ≫ Discourse Version2.4.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version2.4.0 Updatebeta10 SwEditionbeta

Discourse ≫ Discourse Version2.4.0 Updatebeta11 SwEditionbeta

Discourse ≫ Discourse Version2.4.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version2.4.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version2.4.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version2.4.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version2.4.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version2.4.0 Updatebeta7 SwEditionbeta

Discourse ≫ Discourse Version2.4.0 Updatebeta8 SwEditionbeta

Discourse ≫ Discourse Version2.4.0 Updatebeta9 SwEditionbeta

Discourse ≫ Discourse Version2.5.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version2.5.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version2.5.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version2.5.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version2.5.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version2.5.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version2.5.0 Updatebeta7 SwEditionbeta

Discourse ≫ Discourse Version2.6.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version2.6.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version2.6.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version2.6.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version2.6.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version2.6.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version2.7.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version2.7.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version2.7.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version2.7.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version2.7.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version2.7.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version2.7.0 Updatebeta7 SwEditionbeta

Discourse ≫ Discourse Version2.7.0 Updatebeta8 SwEditionbeta

Discourse ≫ Discourse Version2.7.0 Updatebeta9 SwEditionbeta

Discourse ≫ Discourse Version2.8.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version2.8.0 Updatebeta10 SwEditionbeta

Discourse ≫ Discourse Version2.8.0 Updatebeta11 SwEditionbeta

Discourse ≫ Discourse Version2.8.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version2.8.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version2.8.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version2.8.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version2.8.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version2.8.0 Updatebeta7 SwEditionbeta

Discourse ≫ Discourse Version2.8.0 Updatebeta8 SwEditionbeta

Discourse ≫ Discourse Version2.8.0 Updatebeta9 SwEditionbeta

Discourse ≫ Discourse Version2.9.0 Updatebeta1 SwEditionbeta

Discourse ≫ Discourse Version2.9.0 Updatebeta10 SwEditionbeta

Discourse ≫ Discourse Version2.9.0 Updatebeta11 SwEditionbeta

Discourse ≫ Discourse Version2.9.0 Updatebeta12 SwEditionbeta

Discourse ≫ Discourse Version2.9.0 Updatebeta13 SwEditionbeta

Discourse ≫ Discourse Version2.9.0 Updatebeta14 SwEditionbeta

Discourse ≫ Discourse Version2.9.0 Updatebeta2 SwEditionbeta

Discourse ≫ Discourse Version2.9.0 Updatebeta3 SwEditionbeta

Discourse ≫ Discourse Version2.9.0 Updatebeta4 SwEditionbeta

Discourse ≫ Discourse Version2.9.0 Updatebeta5 SwEditionbeta

Discourse ≫ Discourse Version2.9.0 Updatebeta6 SwEditionbeta

Discourse ≫ Discourse Version2.9.0 Updatebeta7 SwEditionbeta

Discourse ≫ Discourse Version2.9.0 Updatebeta8 SwEditionbeta

Discourse ≫ Discourse Version2.9.0 Updatebeta9 SwEditionbeta

Discourse ≫ Discourse Version3.0.0 Updatebeta15 SwEditionbeta

Discourse ≫ Discourse Version3.0.0 Updatebeta16 SwEditionbeta

Discourse ≫ Discourse Version3.1.0 Updatebeta1 SwEditionbeta

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.24%	0.471

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
security-advisories@github.com	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

https://github.com/discourse/discourse/security/advisories/GHSA-7mf3-5v84-wxq8

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-23615

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-23615

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-23615

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-23615