Lillinator

**Name of the Vulnerable Software and Affected Versions** Discourse Policy plugin versions prior to 0.1.1 **Description** The issue concerns the Discourse Policy plugin, which allows confirming users have seen or done something. Prior to version 0.1.1, if a policy was posted to a public topic tied to a private group, the group members could be shown to non-group members. **Recommendations** For versions prior to 0.1.1, update to version 0.1.1 to resolve the issue. As a temporary workaround, consider moving any policy topics with private groups to restricted categories.

**Name of the Vulnerable Software and Affected Versions** Discourse Code Review Plugin versions prior to commit eed3a80 **Description** The issue allows an attacker to execute arbitrary JavaScript on users' browsers by posting links to malicious GitHub commits. This is a problem with the Discourse Code Review Plugin, which enables users to review GitHub commits on Discourse. **Recommendations** For versions prior to commit eed3a80, update to a version that includes commit eed3a80 to resolve the issue. As a temporary workaround, consider disabling the Discourse Code Review Plugin until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Discourse-reactions plugin (affected versions not specified) **Description** The issue concerns the Discourse-reactions plugin, which allows users to add reactions to posts. When whispers are enabled on a site via the `whispers allowed groups` variable and reactions are made on whispers on public topics, the contents of the whisper and the reaction data are exposed on the "/u/:username/activity/reactions" API endpoint. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** discourse-ai versions prior to commit 94ba0dadc2cf38e8f81c3936974c167219878edd **Description** The discourse-ai plugin for the open-source discussion platform Discourse is affected by an issue where interactions with different AI services are vulnerable to admin-initiated SSRF attacks. **Recommendations** For versions prior to commit 94ba0dadc2cf38e8f81c3936974c167219878edd, update to a version that includes commit 94ba0dadc2cf38e8f81c3936974c167219878edd to resolve the issue. As a temporary workaround, consider disabling the discourse-ai plugin until a patched version is installed.

**Name of the Vulnerable Software and Affected Versions** Discourse versions prior to 3.1.4 Discourse versions prior to 3.2.0.beta4 **Description** Discourse is a platform for community discussion. Under very specific circumstances, secure upload URLs associated with posts can be accessed by guest users even when login is required. **Recommendations** For versions prior to 3.1.4, update to version 3.1.4 or later to resolve the issue. For versions prior to 3.2.0.beta4, update to version 3.2.0.beta4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Discourse versions prior to 3.1.4 Discourse versions prior to 3.2.0.beta4 **Description** Discourse is a platform for community discussion. For fields that are client editable, limits on sizes are not imposed. This allows a malicious actor to cause a Discourse instance to use excessive disk space and also often excessive bandwidth. **Recommendations** For versions prior to 3.1.4, update to version 3.1.4 or later to resolve the issue. For versions prior to 3.2.0.beta4, update to version 3.2.0.beta4 or later to resolve the issue. As a temporary workaround, consider restricting the size of client-editable fields to prevent excessive disk space and bandwidth usage.