CVE-2023-37904

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-37904

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-37904.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-37904

Aliases

BIT-discourse-2023-37904

Related

GHSA-6wj5-4ph2-c7qg

Published

2023-07-28T16:15:11Z

Modified

2025-01-08T15:26:54.669060Z

Severity

3.1 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

Discourse is an open source discussion platform. Prior to version 3.0.6 of the stable branch and version 3.1.0.beta7 of the beta and tests-passed branches, more users than permitted could be created from invite links. The issue is patched in version 3.0.6 of the stable branch and version 3.1.0.beta7 of the beta and tests-passed branches. As a workaround, use restrict to email address invites.

References

Affected packages

Git / github.com/discourse/discourse

Affected ranges

Type: GIT
Repo: https://github.com/discourse/discourse
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

62a609ea2d0645a27ee8adbb01ce10a5e03a600b

Fixed

62a609ea2d0645a27ee8adbb01ce10a5e03a600b

Affected versions

v0.*

v0.8.0

v0.8.1

v0.8.2

v0.8.3

v0.8.4

v0.8.5

v0.8.6

v0.8.7

v0.8.8

v0.8.9

v0.9.0

v0.9.1

v0.9.2

v0.9.2.5

v0.9.2.6

v0.9.3

v0.9.3.5

v0.9.4

v0.9.5

v0.9.5.1

v0.9.5.2

v0.9.6

v0.9.6.1

v0.9.6.2

v0.9.6.3

v0.9.6.4

v0.9.7

v0.9.7.1

v0.9.7.2

v0.9.7.3

v0.9.7.4

v0.9.7.5

v0.9.7.6

v0.9.7.7

v0.9.7.8

v0.9.7.9

v0.9.8

v0.9.8.1

v0.9.8.10

v0.9.8.11

v0.9.8.2

v0.9.8.3

v0.9.8.4

v0.9.8.5

v0.9.8.6

v0.9.8.7

v0.9.8.8

v0.9.8.9

v0.9.9.1

v0.9.9.10

v0.9.9.11

v0.9.9.12

v0.9.9.13

v0.9.9.14

v0.9.9.15

v0.9.9.16

v0.9.9.17

v0.9.9.18

v0.9.9.2

v0.9.9.3

v0.9.9.4

v0.9.9.5

v0.9.9.6

v0.9.9.7

v0.9.9.8

v0.9.9.9

v1.*

v1.0.0

v1.1.0.beta2

v1.1.0.beta3

v1.1.0.beta4

v1.1.0.beta5

v1.1.0.beta6

v1.1.0.beta6b

v1.1.0.beta7

v1.1.0.beta8

v1.2.0.beta1

v1.2.0.beta2

v1.2.0.beta3

v1.2.0.beta4

v1.2.0.beta5

v1.2.0.beta6

v1.2.0.beta7

v1.2.0.beta8

v1.2.0.beta9

v1.3.0.beta1

v1.3.0.beta10

v1.3.0.beta11

v1.3.0.beta2

v1.3.0.beta3

v1.3.0.beta4

v1.3.0.beta5

v1.3.0.beta6

v1.3.0.beta7

v1.3.0.beta9

v1.4.0.beta1

v1.4.0.beta10

v1.4.0.beta11

v1.4.0.beta12

v1.4.0.beta2

v1.4.0.beta3

v1.4.0.beta4

v1.4.0.beta5

v1.4.0.beta6

v1.4.0.beta7

v1.4.0.beta8

v1.4.0.beta9

v1.5.0.beta1

v1.5.0.beta10

v1.5.0.beta11

v1.5.0.beta12

v1.5.0.beta13

v1.5.0.beta13b

v1.5.0.beta14

v1.5.0.beta2

v1.5.0.beta3

v1.5.0.beta4

v1.5.0.beta5

v1.5.0.beta6

v1.5.0.beta7

v1.5.0.beta8

v1.5.0.beta9

v1.6.0.beta1

v1.6.0.beta10

v1.6.0.beta11

v1.6.0.beta12

v1.6.0.beta2

v1.6.0.beta3

v1.6.0.beta4

v1.6.0.beta5

v1.6.0.beta6

v1.6.0.beta7

v1.6.0.beta8

v1.6.0.beta9

v1.7.0.beta1

v1.7.0.beta10

v1.7.0.beta11

v1.7.0.beta2

v1.7.0.beta3

v1.7.0.beta4

v1.7.0.beta5

v1.7.0.beta6

v1.7.0.beta7

v1.7.0.beta8

v1.7.0.beta9

v1.8.0.beta1

v1.8.0.beta10

v1.8.0.beta11

v1.8.0.beta12

v1.8.0.beta13

v1.8.0.beta2

v1.8.0.beta3

v1.8.0.beta4

v1.8.0.beta5

v1.8.0.beta6

v1.8.0.beta7

v1.8.0.beta8

v1.8.0.beta9

v1.9.0.beta1

v1.9.0.beta10

v1.9.0.beta11

v1.9.0.beta12

v1.9.0.beta13

v1.9.0.beta14

v1.9.0.beta15

v1.9.0.beta16

v1.9.0.beta17

v1.9.0.beta2

v1.9.0.beta3

v1.9.0.beta4

v1.9.0.beta5

v1.9.0.beta6

v1.9.0.beta7

v1.9.0.beta8

v1.9.0.beta9

v2.*

v2.0.0.beta1

v2.0.0.beta10

v2.0.0.beta2

v2.0.0.beta3

v2.0.0.beta4

v2.0.0.beta5

v2.0.0.beta6

v2.0.0.beta7

v2.0.0.beta8

v2.0.0.beta9

v2.1.0.beta1

v2.1.0.beta2

v2.1.0.beta3

v2.1.0.beta4

v2.1.0.beta5

v2.1.0.beta6

v2.2.0.beta1

v2.2.0.beta10

v2.2.0.beta2

v2.2.0.beta3

v2.2.0.beta4

v2.2.0.beta5

v2.2.0.beta6

v2.2.0.beta7

v2.2.0.beta8

v2.2.0.beta9

v2.3.0.beta1

v2.3.0.beta10

v2.3.0.beta11

v2.3.0.beta2

v2.3.0.beta3

v2.3.0.beta4

v2.3.0.beta5

v2.3.0.beta6

v2.3.0.beta7

v2.3.0.beta8

v2.3.0.beta9

v2.4.0.beta1

v2.4.0.beta10

v2.4.0.beta11

v2.4.0.beta2

v2.4.0.beta3

v2.4.0.beta4

v2.4.0.beta5

v2.4.0.beta6

v2.4.0.beta7

v2.4.0.beta8

v2.4.0.beta9

v2.5.0.beta1

v2.5.0.beta2

v2.5.0.beta3

v2.5.0.beta4

v2.5.0.beta5

v2.5.0.beta6

v2.5.0.beta7

v2.6.0.beta1

v2.6.0.beta2

v2.6.0.beta3

v2.6.0.beta4

v2.6.0.beta5

v2.6.0.beta6

v2.7.0.beta1

v2.7.0.beta2

v2.7.0.beta3

v2.7.0.beta4

v2.7.0.beta5

v2.7.0.beta6

v2.7.0.beta7

v2.7.0.beta8

v2.7.0.beta9

v2.8.0.beta1

v2.8.0.beta10

v2.8.0.beta11

v2.8.0.beta2

v2.8.0.beta3

v2.8.0.beta4

v2.8.0.beta5

v2.8.0.beta6

v2.8.0.beta7

v2.8.0.beta8

v2.8.0.beta9

v2.9.0.beta1

v2.9.0.beta10

v2.9.0.beta11

v2.9.0.beta12

v2.9.0.beta13

v2.9.0.beta14

v2.9.0.beta2

v2.9.0.beta3

v2.9.0.beta4

v2.9.0.beta5

v2.9.0.beta6

v2.9.0.beta7

v2.9.0.beta8

v2.9.0.beta9

v3.*

v3.0.0.beta15

v3.0.0.beta16

v3.1.0.beta1

v3.1.0.beta2

v3.1.0.beta3

v3.1.0.beta4

v3.1.0.beta5

v3.1.0.beta6