CVE-2025-68662 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, a hostname validation issue in FinalDestination…
High CVSS: 7.6

CVE-2025-68662

Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, a hostname validation issue in FinalDestination could allow bypassing SSRF protections under certain conditions. This issue is patched in versions 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0. No known workarounds are available.
Vendor
Discourse
Product
Discourse
CWE
CWE-918
Yayın Tarihi
2026-01-28 20:16:11
Güncelleme
2026-01-30 20:44:48
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-918 Discourse HIGH Discourse 2026

Referanslar

https://github.com/discourse/discourse/security/advisories/GHSA-gcfp-rjfc-925c