Exploit for Inefficient Regular Expression Complexity in Discourse CVE-2023-45806

Name: Exploit for Inefficient Regular Expression Complexity in Discourse CVE-2023-45806
Rating: 5 (79 reviews)

2025-03-14 | CVSS 5.4

## https://sploitus.com/exploit?id=1568CD96-71BC-5ACB-868C-D1458F4C01F2
# yksivaihde-CVE-2023-45806

CVE: https://github.com/discourse/discourse/security/advisories/GHSA-hcgf-hg2g-mw78

Patch: https://github.com/discourse/discourse/commit/7d484864fe91ff79c478f57e7ddb1235d701921e

usage: `fix_quote_attribution("Username|", <limit>, <dry_run>)`

where "Username|" is the unique search string within the quote attribution