Cache Poisoning Vulnerability in Discourse Discussion Platform
CVE-2025-61598

6.3MEDIUM

Key Information:

Vendor

Discourse
Status
Discourse
Vendor
CVE Published:
28 October 2025

What is CVE-2025-61598?

Discourse, a popular open-source discussion platform, had a vulnerability in versions prior to 3.6.2 and 3.6.0.beta2 due to the absence of a default Cache-Control response header. Specifically, the no-store, no-cache directive was missing from error responses, which could lead to unintended caching by intermediaries such as proxies. This behavior poses a risk of cache poisoning attacks, allowing an attacker to inject harmful content into cached responses, potentially compromising user data. The issue has been addressed in the updates 3.6.2 and 3.6.0.beta2, which restore proper cache control measures.

Affected Version(s)

discourse < 3.6.2 < 3.6.2

discourse >= 3.6.0.beta1, < 3.6.0.beta2 < 3.6.0.beta1, 3.6.0.beta2

References

https://github.com/discourse/discourse/security/advisorie...
x_refsource_CONFIRM
https://github.com/discourse/discourse/commit/3ea1b663c82...
x_refsource_MISC
https://github.com/discourse/discourse/commit/fd567af7bf5...
x_refsource_MISC

CVSS V4

Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.