CVE-2026-53963 in Discourse정보

요약

\~에 의해 MITRE • 2026. 07. 10.

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, a malicious second factor name on an attacker-controlled account was not escaped in the delete confirmation dialog, allowing stored cross-site scripting when an administrator impersonated that account. This issue is fixed in versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

책임이 있는

GitHub M

예약하다

2026. 06. 11.

모더레이션

수락

항목

VDB-377357

EPSS

0.00000

출처

Might our Artificial Intelligence support you?

Check our Alexa App!