Discourse · Discourse · CVE-2024-23834
**Name of the Vulnerable Software and Affected Versions**
Discourse versions prior to 3.1.5
Discourse versions prior to 3.2.0.beta5
**Description**
Discourse is an open-source discussion platform. Improperly sanitized user input could lead to a cross-site scripting (XSS) issue in some situations. This issue only affects Discourse instances that have disabled the default Content Security Policy.
**Recommendations**
For versions prior to 3.1.5, update to version 3.1.5 or later.
For versions prior to 3.2.0.beta5, update to version 3.2.0.beta5 or later.
As a temporary workaround, ensure Content Security Policy is enabled and does not include `unsafe-inline`.
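
One way to check the workaround from a page's response headers, as an added example that is not part of the advisory or Discourse's own code. The function names and sample header values are constructed for illustration, and the check assumes the headers are passed as a name-to-value hash.

```ruby
# Added example: audit response headers against the advisory's workaround.
# Directives that govern inline <script> blocks and inline event handlers.
INLINE_DIRECTIVES = %w[script-src-elem script-src-attr].freeze

# Parse one policy into { directive => [sources] }; keywords are compared
# case-insensitively, and a repeated directive is ignored (first one wins).
def parse_csp(policy)
  policy.split(";").each_with_object({}) do |part, directives|
    name, *sources = part.strip.split(/\s+/)
    directives[name.downcase] ||= sources.map(&:downcase) if name
  end
end

# nil when the policy blocks inline script for this directive, else the reason.
def inline_verdict(directives, name)
  sources = directives[name] || directives["script-src"] || directives["default-src"]
  return "no directive restricts it" if sources.nil?
  return nil unless sources.include?("'unsafe-inline'")
  guarded = sources.any? { |s| s.start_with?("'nonce-", "'sha256-", "'sha384-", "'sha512-") }
  guarded ? "'unsafe-inline' listed (ignored by CSP2+ browsers due to nonce/hash)" : "'unsafe-inline' listed"
end

# Returns findings; an empty array means the workaround is in place.
def csp_workaround_findings(headers)
  h = headers.transform_keys { |k| k.to_s.downcase }
  value = h["content-security-policy"].to_s
  if value.strip.empty?
    note = h.key?("content-security-policy-report-only") ? " (Report-Only does not block)" : ""
    return ["no enforced Content-Security-Policy header#{note}"]
  end
  # Comma-separated policies are all enforced, so one blocking policy suffices.
  policies = value.split(",").map { |p| parse_csp(p) }
  INLINE_DIRECTIVES.map do |name|
    verdicts = policies.map { |d| inline_verdict(d, name) }
    "#{name}: #{verdicts.uniq.join('; ')}" unless verdicts.include?(nil)
  end.compact
end

# Constructed sample headers, not captured from a real Discourse instance.
SAMPLES = {
  "hardened" => { "Content-Security-Policy" => "default-src 'none'; script-src 'self' https://cdn.example" },
  "weakened" => { "Content-Security-Policy" => "script-src 'self' 'unsafe-inline'" },
  "disabled" => { "Content-Security-Policy-Report-Only" => "script-src 'self'" },
}.freeze

SAMPLES.each do |label, headers|
  findings = csp_workaround_findings(headers)
  puts "#{label}: #{findings.empty? ? 'OK' : findings.join(' | ')}"
end
```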