CVE-2024-35234
4.2
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L
Summary
Discourse is an open-source discussion platform. Prior to version 3.2.3 on the stable branch and version 3.3.0.beta3 on the tests-passed branch, an attacker can execute arbitrary JavaScript on users’ browsers by posting a specific URL containing maliciously crafted meta tags. This issue only affects sites with Content Security Polic (CSP) disabled. The problem has been patched in version 3.2.3 on the stable branch and version 3.3.0.beta3 on the tests-passed branch. As a workaround, ensure CSP is enabled on the forum.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| discourse | discourse | stable < 3.2.3 | affected |
| discourse | discourse | tests-passed < 3.3.0.beta3 | affected |
Weaknesses
- CWE-79: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://github.com/discourse/discourse/security/advisories/GHSA-5chg-hm8c-wc58
- https://github.com/discourse/discourse/commit/26aef0c288839378b9de5819e96eac8cf4ea60fd
- https://github.com/discourse/discourse/commit/311b737c910cf0a69f61e1b8bc0b78374b6619d2
References
- https://github.com/discourse/discourse/security/advisories/GHSA-5chg-hm8c-wc58
- https://github.com/discourse/discourse/commit/26aef0c288839378b9de5819e96eac8cf4ea60fd
- https://github.com/discourse/discourse/commit/311b737c910cf0a69f61e1b8bc0b78374b6619d2
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.