A vulnerability classified as critical has been found in Discourse up to 3.4.6/3.5.0.beta.7. Affected is an unknown function. The manipulation leads to session fixiation.
This vulnerability is traded as CVE-2025-53102. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.