Mat0Pe

**Name of the Vulnerable Software and Affected Versions** Discourse versions prior to 3.1.3 Discourse version 3.2.0.beta3 and earlier of the `beta` and `tests-passed` branches **Description** Discourse is an open source platform for community discussion. The issue allows some links to inject arbitrary HTML tags when rendered through the Onebox engine. There are no known workarounds. **Recommendations** For versions prior to 3.1.3, update to version 3.1.3 or later of the `stable` branch. For version 3.2.0.beta3 and earlier of the `beta` and `tests-passed` branches, update to version 3.2.0.beta3 or later.