PT-2023-21571 · Discourse · Discourse
Jomaxro
·
Published
2023-03-17
·
Updated
2024-03-06
·
CVE-2023-28112
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Discourse versions prior to 3.1.0.beta3
Description
Discourse is an open-source discussion platform. Prior to version 3.1.0.beta3 of the
beta and tests-passed branches, some user-provided URLs were being passed to FastImage without SSRF protection. Insufficient protections could enable attackers to trigger outbound network connections from the Discourse server to private IP addresses.Recommendations
For versions prior to 3.1.0.beta3, update to version 3.1.0.beta3 or later of the
beta and tests-passed branches to resolve the issue. As a temporary workaround, consider restricting access to the FastImage functionality until a patch is applied.Exploit
Fix
SSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Discourse