Vulnerability Details : CVE-2022-23549
Discourse is an option source discussion platform. Prior to version 2.8.14 on the `stable` branch and version 2.9.0.beta16 on the `beta` and `tests-passed` branches, users can create posts with raw body longer than the `max_length` site setting by including html comments that are not counted toward the character limit. This issue is patched in versions 2.8.14 and 2.9.0.beta16. There are no known workarounds.
Vulnerability category: Input validation
Products affected by CVE-2022-23549
- cpe:2.3:a:discourse:discourse:*:*:*:*:*:*:*:*
- cpe:2.3:a:discourse:discourse:2.9.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:discourse:discourse:2.9.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:discourse:discourse:2.9.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:discourse:discourse:2.9.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:discourse:discourse:2.9.0:beta5:*:*:*:*:*:*
- cpe:2.3:a:discourse:discourse:2.9.0:beta7:*:*:*:*:*:*
- cpe:2.3:a:discourse:discourse:2.9.0:beta6:*:*:*:*:*:*
- cpe:2.3:a:discourse:discourse:2.9.0:beta8:*:*:*:*:*:*
- cpe:2.3:a:discourse:discourse:2.9.0:beta10:*:*:*:*:*:*
- cpe:2.3:a:discourse:discourse:2.9.0:beta11:*:*:*:*:*:*
- cpe:2.3:a:discourse:discourse:2.9.0:beta12:*:*:*:*:*:*
- cpe:2.3:a:discourse:discourse:2.9.0:beta13:*:*:*:*:*:*
- cpe:2.3:a:discourse:discourse:2.9.0:beta14:*:*:*:*:*:*
- cpe:2.3:a:discourse:discourse:3.0.0:beta15:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-23549
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 32 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-23549
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.5
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
2.8
|
3.6
|
NIST | |
5.7
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H |
2.1
|
3.6
|
GitHub, Inc. |
CWE ids for CVE-2022-23549
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: security-advisories@github.com (Secondary)
References for CVE-2022-23549
-
https://github.com/discourse/discourse/commit/bf6b08670a927cc80bb090b7a2e710b4b554e6a8
SECURITY: Check the length of raw post body (#19733) · discourse/discourse@bf6b086 · GitHubPatch;Third Party Advisory
-
https://github.com/discourse/discourse/security/advisories/GHSA-p47g-v5wr-p4xp
Bypass of post max_length using HTML comments · Advisory · discourse/discourse · GitHubThird Party Advisory
Jump to