BIT-discourse-2026-53962: Discourse: Insufficient SVG sanitization logic
Discourse versions prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5 contain insufficient SVG sanitization in upload and user avatar handling. This vulnerability could allow cross-site scripting…
Read the full article2d agoen
Comments
Sign in to join the conversation.
No comments yet. Be the first.