A vulnerability has been found in Discourse up to 2026.1.4/2026.4.1/2026.5.0 and classified as problematic. Affected by this issue is some unknown functionality of the component SVG Sanitization. The manipulation leads to cross site scripting.

This vulnerability is referenced as CVE-2026-53962. Remote exploitation of the attack is possible. No exploit is available.