CVE-2025-58054 | Discourse up to 3.5.0 Quote Message cross site scripting (GHSA-7p47-8m82-m2vf)

Inserito da Angelo Barbosa | Ott 2, 2025 | CVE

A vulnerability was found in Discourse up to 3.5.0 and classified as problematic. Impacted is an unknown function of the component Quote Message Handler. The manipulation results in basic cross site scripting.

This vulnerability is cataloged as CVE-2025-58054. The attack may be launched remotely. There is no exploit available.

It is suggested to upgrade the affected component.

CVE-2025-58054 | Discourse up to 3.5.0 Quote Message cross site scripting (GHSA-7p47-8m82-m2vf)

Post correlati

CVE-2025-0649 | Google Tensorflow up to 2.18.0 JSON stack-based overflow

CVE-2024-34601 | Samsung GalaxyStore prior 4.5.81.0 Broadcast intent by broadcast receiver

CVE-2023-6836 | WSO2 API Manager xml external entity reference

CVE-2024-2616 | Mozilla Firefox ESR up to 115.8 denial of service