Discourse is an open-source discussion platform. Between versions 3.1.0.beta2 and 3.1.0.beta3 of the `tests-passed` branch, editing or responding to a chat message containing malicious content could lead to a cross-site scripting attack. This issue is patched in version 3.1.0.beta3 of the `tests-passed` branch. There are no known workarounds.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-03-17T14:45:35.889Z
Updated: 2023-03-17T14:45:35.889Z
Reserved: 2023-02-17T22:44:03.149Z
Link: CVE-2023-26040
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-03-17T15:15:12.237
Modified: 2023-03-23T19:20:17.503
Link: CVE-2023-26040
JSON object: View
Redhat Information
No data.
CWE