CVE-2025-58055
BaseFortify
Publication date: 2025-10-01
Last updated on: 2025-10-23
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| discourse | discourse | to 3.5.1 (exc) |
| discourse | discourse | to 3.6.0 (exc) |
| discourse | discourse | 3.6.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
| CWE-639 | The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Discourse versions 3.5.0 and below involves the AI suggestion endpoints for topic Title, Category, and Tags. Authenticated users could manipulate the topic_id parameter in API requests to access information about restricted topics they were not authorized to see. The AI model would then disclose information about these restricted topics, effectively leaking data to unauthorized users. This issue is fixed in version 3.5.1.
How can this vulnerability impact me? :
The vulnerability allows authenticated users to access and extract information about restricted topics they should not have access to. This could lead to unauthorized disclosure of sensitive or confidential information within the Discourse platform, potentially compromising privacy and security of the community discussions.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability immediately, restrict group access to the AI helper feature by configuring the "composer_ai_helper_allowed_groups" and "post_ai_helper_allowed_groups" site settings. Additionally, upgrade Discourse to version 3.5.1 or later where this issue is fixed.