Security Advisory

CVE-2025-68662

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-28 19:12:24
Last updated 2026-01-28 20:21:50
Assigner GitHub_M
State PUBLISHED

Description

Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, a hostname validation issue in FinalDestination could allow bypassing SSRF protections under certain conditions. This issue is patched in versions 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0. No known workarounds are available.