Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-45806 PoC — Discourse vulnerable to DoS via Regexp Injection in Full Name

Source
https://github.com/pikariop/yksivaihde-CVE-2023-45806
Associated Vulnerability
Title:Discourse vulnerable to DoS via Regexp Injection in Full Name (CVE-2023-45806)
Description:Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, if a user has been quoted and uses a `|` in their full name, they might be able to trigger a bug that generates a lot of duplicate content in all the posts they've been quoted by updating their full name again. Version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches contain a patch for this issue. No known workaround exists, although one can stop the "bleeding" by ensuring users only use alphanumeric characters in their full name field.
Readme
# yksivaihde-CVE-2023-45806

CVE: https://github.com/discourse/discourse/security/advisories/GHSA-hcgf-hg2g-mw78

Patch: https://github.com/discourse/discourse/commit/7d484864fe91ff79c478f57e7ddb1235d701921e

usage: `fix_quote_attribution("Username|", <limit>, <dry_run>)`

where "Username|" is the unique search string within the quote attribution
File Snapshot

 [4.0K]  /data/pocs/9cfef417c64d1cc72cb60e6b059c21dcdf8a28bc
├── [2.8K]  fix-quote-attribution.rb
├── [ 34K]  LICENSE
└── [ 349]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →