CVE-2025-58054 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Discourse is an open-source community discussion platform. Versions 3.5.0 and below are vulnerable to XSS attacks through parsing and rendering of chat channel…
Low CVSS: 3.5

CVE-2025-58054

Discourse is an open-source community discussion platform. Versions 3.5.0 and below are vulnerable to XSS attacks through parsing and rendering of chat channel titles and chat thread titles via the quote message functionality when using the rich text editor. This issue is fixed in version 3.5.1.
Vendor
Discourse
Product
Discourse
CWE
CWE-80
Yayın Tarihi
2025-10-01 19:15:36
Güncelleme
2025-10-23 15:09:44
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-80 Discourse LOW Discourse 2025

Referanslar

https://github.com/discourse/discourse/commit/3a224fd546d894ee408e7414b6879e814a792f91 https://github.com/discourse/discourse/security/advisories/GHSA-7p47-8m82-m2vf