Discourse allows self-XSS through malicious composer message
CVE-2022-46148

7.1HIGH

Key Information:

Vendor: Discourse
Status: Discourse
Vendor: CVE Published:; 29 November 2022

Summary

Discourse is an open-source messaging platform. In versions 2.8.10 and prior on the stable branch and versions 2.9.0.beta11 and prior on the beta and tests-passed branches, users composing malicious messages and navigating to drafts page could self-XSS. This vulnerability can lead to a full XSS on sites which have modified or disabled Discourse’s default Content Security Policy. This issue is patched in the latest stable, beta and tests-passed versions of Discourse.

Affected Version(s)

discourse <= 2.8.10 <= 2.8.10

discourse >= 2.9.0.beta1, <= 2.9.0.beta11 <= 2.9.0.beta1, 2.9.0.beta11

References

https://github.com/discourse/discourse/security/advisorie...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 29, 2022
Vulnerability Reserved
Nov 28, 2022