Security Advisory

CVE-2025-48053

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-09 12:30:33

Last updated 2025-06-09 13:01:18

Assigner GitHub_M

State PUBLISHED

Description

Discourse is an open-source discussion platform. Prior to version 3.4.4 of the `stable` branch, version 3.5.0.beta5 of the `beta` branch, and version 3.5.0.beta6-dev of the `tests-passed` branch, sending a malicious URL in a PM to a bot user can cause a reduced the availability of a Discourse instance. This issue is patched in version 3.4.4 of the `stable` branch, version 3.5.0.beta5 of the `beta` branch, and version 3.5.0.beta6-dev of the `tests-passed` branch. No known workarounds are available.

← Browse all CVEs View on cve.org ↗