Discourse is a platform for community discussion. For fields that are client editable, limits on sizes are not imposed. This allows a malicious actor to cause a Discourse instance to use excessive disk space and also often excessive bandwidth. The issue is patched 3.1.4 and 3.2.0.beta4.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
discourse discourse 3.2.0 |
||
discourse discourse |