Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Thu, 02 Oct 2025 09:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Discourse
Discourse discourse |
|
Vendors & Products |
Discourse
Discourse discourse |
Wed, 01 Oct 2025 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 01 Oct 2025 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Discourse is an open-source community discussion platform. Versions 3.5.0 and below are vulnerable to XSS attacks through parsing and rendering of chat channel titles and chat thread titles via the quote message functionality when using the rich text editor. This issue is fixed in version 3.5.1. | |
Title | Discourse is vulnerable to XSS when quoting chat messages | |
Weaknesses | CWE-80 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-10-01T19:24:29.602Z
Reserved: 2025-08-22T14:30:32.221Z
Link: CVE-2025-58054

Updated: 2025-10-01T19:04:03.917Z

Status : Received
Published: 2025-10-01T19:15:36.150
Modified: 2025-10-01T19:15:36.150
Link: CVE-2025-58054

No data.

Updated: 2025-10-02T08:38:20Z