Unrated severityNVD Advisory· Published Jul 14, 2023· Updated Oct 22, 2024
Topic Title Validation Skipped When Changing Category in Discourse
CVE-2023-36466
Description
Discourse is an open source discussion platform. When editing a topic, there is a vulnerability that enables a user to bypass the topic title validations for things like title length, number of emojis in title and blank topic titles. The issue is patched in the latest stable, beta and tests-passed version of Discourse.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3(expand)+ 1 more
- (no CPE)
- (no CPE)range: stable < 3.0.5
Patches
Vulnerability mechanics
References
1- github.com/discourse/discourse/security/advisories/GHSA-4hjh-wg43-p932mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.