Unrated severityNVD Advisory· Published Mar 17, 2023· Updated Feb 25, 2025

Discourse's SSRF protection missing for some FastImage requests

CVE-2023-28112

Description

Discourse is an open-source discussion platform. Prior to version 3.1.0.beta3 of the beta and tests-passed branches, some user provided URLs were being passed to FastImage without SSRF protection. Insufficient protections could enable attackers to trigger outbound network connections from the Discourse server to private IP addresses. This affects any site running the tests-passed or beta branches versions 3.1.0.beta2 and prior. This issue is patched in version 3.1.0.beta3 of the beta and tests-passed branches. There are no known workarounds.

Affected products

Discourse (software)/Discoursev5
Range: beta < 3.1.0.beta3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/discourse/discourse/commit/39c2f63b35d90ebaf67b9604cf1d424e5984203cmitrex_refsource_MISC
github.com/discourse/discourse/pull/20710mitrex_refsource_MISC
github.com/discourse/discourse/security/advisories/GHSA-9897-x229-55ghmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000