![]() |
|
HackerOne Disclosed Reports - 2026-06-30 - Printable Version +- Dark C0d3rs (https://darkcoders.wiki) +-- Forum: Exploit Log (https://darkcoders.wiki/Forum-Exploit-Log) +--- Forum: Research Papers/Vulnerability reports (https://darkcoders.wiki/Forum-Research-Papers-Vulnerability-reports) +--- Thread: HackerOne Disclosed Reports - 2026-06-30 (/Thread-HackerOne-Disclosed-Reports-2026-06-30) |
HackerOne disclosed reports - 2026-06-30 - hashXploiter - 07-01-2026
High
resolved Denial of Service (DoS) Vulnerability in Drafts Creation EndpointBug reported by dpaysm was disclosed at June 30, 2026, 2:28 am | Uncontrolled Resource Consumption A Denial of Service (DoS) vulnerability was identified in the /drafts.json endpoint on the Discourse forum. Large payloads (around 800,000 characters or more) submitted to create drafts caused the server to process the request, return a 502 Bad Gateway error, but still save the draft. Submitting multiple such large drafts led to significant server delays, with response times exceeding 32 seconds, indicating resource exhaustion. |