all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-28111 (discourse)

Add to bookmarks
March 17, 2023, 5:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

Discourse is an open-source discussion platform. Prior to version 3.1.0.beta3 of the `beta` and `tests-passed` branches, attackers are able to bypass Discourse's server-side request forgery (SSRF) protection for private IPv4 addresses by using a IPv4-mapped IPv6 address. The issue is patched in the latest beta and tests-passed version of Discourse. version 3.1.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds.

address addresses attackers beta bypass cve discourse forgery ipv4 ipv6 issue latest platform private protection request server server-side request forgery ssrf tests version

Visit resource

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months ago | web.nvd.nist.gov
attackers cve denial of service issue +1
CVE-2023-40101 (android) 6 months ago | web.nvd.nist.gov
android check collapse cve +7
CVE-2023-21377 (android) 6 months ago | web.nvd.nist.gov
android bypass cve disclosure +8
CVE-2023-21380 (android) 6 months ago | web.nvd.nist.gov
android bluetooth buffer buffer overflow +9
CVE-2023-21382 (android) 6 months ago | web.nvd.nist.gov
access android check cve +11
CVE-2023-21381 (android) 6 months ago | web.nvd.nist.gov
android arbitrary code code code execution +10
CVE-2023-21385 (android) 6 months ago | web.nvd.nist.gov
android corruption cve disclosure +7
CVE-2023-21387 (android) 6 months ago | web.nvd.nist.gov
android backup bypass cve +11
CVE-2023-21389 (android) 6 months ago | web.nvd.nist.gov
android bypass check cve +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

IT Security Manager

@ Timocom GmbH | Erkrath, Germany
View on infosec-jobs.com

Cybersecurity Service Engineer

@ Motorola Solutions | Singapore, Singapore
View on infosec-jobs.com

Sr Cybersecurity Vulnerability Specialist

@ Health Care Service Corporation | Chicago Illinois HQ (300 E. Randolph Street)
View on infosec-jobs.com

Associate, Info Security (SOC) analyst

@ Evolent | Pune
View on infosec-jobs.com

Public Cloud Development Security and Operations (DevSecOps) Manager

@ Danske Bank | Copenhagen K, Denmark
View on infosec-jobs.com

Cybersecurity Risk Analyst IV

@ Computer Task Group, Inc | United States
View on infosec-jobs.com
View more jobs