VYPR
Unrated severityNVD Advisory· Published Nov 10, 2023· Updated Feb 27, 2025

Discourse SSRF vulnerability in Embedding

CVE-2023-47121

Description

Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, the embedding feature is susceptible to server side request forgery. The issue is patched in version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches. As a workaround, disable the Embedding feature.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.