Vulnerability CVE-2021-3138


Published: 2021-01-14

Description:
In Discourse 2.7.0 through beta1, a rate-limit bypass leads to a bypass of the 2FA requirement for certain forms.

 References:
https://blog.discourse.org/
https://github.com/discourse/discourse/releases
https://github.com/Mesh3l911/Disource

Copyright 2021, cxsecurity.com

 

Back to Top