Discourse is an open-source community discussion platform. In versions 3.5.0 and below, the Discourse AI suggestion endpoints for topic “Title”, “Category”, and “Tags” allowed authenticated users to extract information about topics that they weren’t authorized to access. By modifying the “topic_id” value in API requests to the AI suggestion endpoints, users could target specific restricted topics. The AI model’s responses then disclosed information that the authenticated user couldn’t normally access. This issue is fixed in version 3.5.1. To workaround this issue, users can restrict group access to the AI helper feature through the "composer_ai_helper_allowed_groups" and "post_ai_helper_allowed_groups" site settings.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 02 Oct 2025 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Discourse
Discourse discourse
Vendors & Products Discourse
Discourse discourse

Wed, 01 Oct 2025 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 01 Oct 2025 19:00:00 +0000

Type Values Removed Values Added
Description Discourse is an open-source community discussion platform. In versions 3.5.0 and below, the Discourse AI suggestion endpoints for topic “Title”, “Category”, and “Tags” allowed authenticated users to extract information about topics that they weren’t authorized to access. By modifying the “topic_id” value in API requests to the AI suggestion endpoints, users could target specific restricted topics. The AI model’s responses then disclosed information that the authenticated user couldn’t normally access. This issue is fixed in version 3.5.1. To workaround this issue, users can restrict group access to the AI helper feature through the "composer_ai_helper_allowed_groups" and "post_ai_helper_allowed_groups" site settings.
Title Discourse AI Suggestions Contain Insecure Direct Object Reference
Weaknesses CWE-284
CWE-639
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2025-10-01T19:24:12.826Z

Reserved: 2025-08-22T14:30:32.221Z

Link: CVE-2025-58055

cve-icon Vulnrichment

Updated: 2025-10-01T18:56:24.229Z

cve-icon NVD

Status : Received

Published: 2025-10-01T19:15:36.317

Modified: 2025-10-01T19:15:36.317

Link: CVE-2025-58055

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-10-02T08:38:21Z