Vinoth Kannan

4 exploits Active since Sep 2022
CVE-2022-36068 WRITEUP HIGH WRITEUP
Discourse <2.8.9-2.9.0.beta10 - Privilege Escalation
Discourse is an open source discussion platform. In versions prior to 2.8.9 on the `stable` branch and prior to 2.9.0.beta10 on the `beta` and `tests-passed` branches, a moderator can create new and edit existing themes by using the API when they should not be able to do so. The problem is patched in version 2.8.9 on the `stable` branch and version 2.9.0.beta10 on the `beta` and `tests-passed` branches. There are no known workarounds.
CVSS 7.2
CVE-2023-25169 WRITEUP LOW WRITEUP
discourse_yearly_review < 0.2 - Exposure of Sensitive Information via Incomplete Anonymization
discourse-yearly-review is a discourse plugin which publishes an automated Year in Review topic. In affected versions a user present in a yearly review topic that is then anonymised will still have some data linked to its original account. This issue has been patched in commit `b3ab33bbf7` which is included in the latest version of the Discourse Yearly Review plugin. Users are advised to upgrade. Users unable to upgrade may disable the `yearly_review_enabled` setting to fully mitigate the issue. Also, it's possible to edit the anonymised user's old data in the yearly review topics manually.
CVSS 3.1
CVE-2023-44384 WRITEUP MEDIUM WRITEUP
discourse_jira < 2023-10-01 - Authenticated Server-Side Request Forgery via Jira URL Configuration
Discourse-jira is a Discourse plugin allows Jira projects, issue types, fields and field options will be synced automatically. An administrator user can make an SSRF attack by setting the Jira URL to an arbitrary location and enabling the `discourse_jira_verbose_log` site setting. A moderator user could manipulate the request path to the Jira API, allowing them to perform arbitrary GET requests using the Jira API credentials, potentially with elevated permissions, used by the application.
CVSS 4.1
CVE-2024-38360 WRITEUP MEDIUM WRITEUP
Discourse < 3.3.0 - Uncontrolled Resource Consumption via Watched Words
Discourse is an open source platform for community discussion. In affected versions by creating replacement words with an almost unlimited number of characters, a moderator can reduce the availability of a Discourse instance. This issue has been addressed in stable version 3.2.3 and in current betas. Users are advised to upgrade. Users unable to upgrade may manually remove the long watched words either via SQL or Rails console.
CVSS 4.9