Unrated severityNVD Advisory· Published Jul 15, 2024· Updated Aug 2, 2024
Denial of service via Watched Words in Discourse
CVE-2024-38360
Description
Discourse is an open source platform for community discussion. In affected versions by creating replacement words with an almost unlimited number of characters, a moderator can reduce the availability of a Discourse instance. This issue has been addressed in stable version 3.2.3 and in current betas. Users are advised to upgrade. Users unable to upgrade may manually remove the long watched words either via SQL or Rails console.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<3.2.3+ 1 more
- (no CPE)range: <3.2.3
- (no CPE)range: stable <= 3.2.2
Patches
Vulnerability mechanics
References
2- github.com/discourse/discourse/commit/7b53e610c17e38be982dffefa4e5b5a709a3b990mitrex_refsource_MISC
- github.com/discourse/discourse/security/advisories/GHSA-68pm-hm8x-pq2pmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.