Discourse · Discourse · CVE-2023-48297
**Name of the Vulnerable Software and Affected Versions**
Discourse versions prior to 3.1.4
Discourse version beta 3.2.0.beta5 and earlier
**Description**
Discourse is a platform for community discussion. The message serializer uses the full list of expanded chat mentions (@all and @here), which can lead to a very long array of users.
**Recommendations**
For versions prior to 3.1.4, update to version 3.1.4 or later.
For version beta 3.2.0.beta5 and earlier, update to a version later than beta 3.2.0.beta5.
As a temporary workaround, consider restricting the use of expanded chat mentions (@all and @here) until a patch is available.
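To check an installed version against the affected ranges listed above, the following added example (not part of the original advisory or of Discourse's code) compares version strings with Ruby's `Gem::Version`, which orders `betaN` pre-releases before their final release. The helper names and the sample inventory are hypothetical and constructed for illustration.

```ruby
require "rubygems" # Gem::Version ships with Ruby

# Boundaries taken from the advisory text above.
FIXED_STABLE       = Gem::Version.new("3.1.4")       # first fixed stable release
LAST_AFFECTED_BETA = Gem::Version.new("3.2.0.beta5") # last affected beta

# Hypothetical helper: true if the given Discourse version string falls
# inside the ranges the advisory lists as affected by CVE-2023-48297.
def discourse_affected?(version_string)
  cleaned = version_string.to_s.strip.sub(/\Av/i, "")
  if cleaned.empty? || !Gem::Version.correct?(cleaned)
    raise ArgumentError, "unparseable version: #{version_string.inspect}"
  end

  v = Gem::Version.new(cleaned)
  # Anything ordered before 3.1.4 is affected (this includes 3.1.x betas).
  return true if v < FIXED_STABLE

  # At or above 3.1.4, only pre-releases up to 3.2.0.beta5 are affected;
  # stable releases such as 3.1.5 or 3.2.0 are not.
  v.prerelease? && v <= LAST_AFFECTED_BETA
end

# Hypothetical helper: names of inventory entries that still need the update.
def affected_hosts(inventory)
  inventory.select { |_host, version| discourse_affected?(version) }.keys
end

# Constructed sample inventory (host names and versions are made up).
SAMPLE_INVENTORY = {
  "forum-a" => "3.1.3",
  "forum-b" => "3.1.4",
  "forum-c" => "3.2.0.beta5",
  "forum-d" => "3.2.0.beta6"
}.freeze

if __FILE__ == $PROGRAM_NAME
  affected_hosts(SAMPLE_INVENTORY).each do |host|
    puts "#{host}: #{SAMPLE_INVENTORY[host]} is affected, update required"
  end
end
```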