..| Discourse 2.7.0 - CVE-2021-3138 |..

Description :

Rate limit Bypass which leads to 2FA Bypass

Tested Version :

2.7.0

Attack Type:

Remote

Impact :

2FA Bypass

Vendor of Product :

https://www.discourse.org

Additional Information :

Discourse is discussion platform built for the next decade of the Internet .Used as:
-mailing list
-discussion forum
-long-form chat room

and there are well known companies such as Google acquisitions that have been using Discourse until this moment.

Discoverer :

Meshal Almansour
Twitter: mesh3l_911

Name		Name	Last commit message	Last commit date
Latest commit History 13 Commits
README.md		README.md
Requests_number.py		Requests_number.py
exploit.py		exploit.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

Requests_number.py

Requests_number.py

exploit.py

exploit.py

Repository files navigation

..| Discourse 2.7.0 - CVE-2021-3138 |..

Description :

Tested Version :

Attack Type:

Impact :

Vendor of Product :

Additional Information :

Discoverer :

About

Releases

Packages

Languages

Mesh3l911/CVE-2021-3138

Folders and files

Latest commit

History

Repository files navigation

..| Discourse 2.7.0 - CVE-2021-3138 |..

Description :

Tested Version :

Attack Type:

Impact :

Vendor of Product :

Additional Information :

Discoverer :

About

Resources

Stars

Watchers

Forks

Languages