Nlgbao1340

**Name of the Vulnerable Software and Affected Versions** Discourse versions prior to 2026.3.0-latest.1 Discourse versions prior to 2026.2.1 Discourse versions prior to 2026.1.2 **Description** Discourse, an open-source discussion platform, is affected by a cross-site scripting issue. The system improperly trusts and renders output from an AI Large Language Model (LLM) using `htmlSafe` within the Review Queue interface, lacking sufficient sanitization. An attacker can leverage Prompt Injection techniques to make the AI generate a malicious payload, such as tags. When a staff member (Admin/Moderator) views a flagged post in the Review Queue, this payload is executed. **Recommendations** Versions prior to 2026.3.0-latest.1 should be updated. Versions prior to 2026.2.1 should be updated. Versions prior to 2026.1.2 should be updated. As a temporary workaround, disable AI triage automation scripts.

**Name of the Vulnerable Software and Affected Versions** Discourse versions prior to 2026.3.0-latest.1 Discourse versions prior to 2026.2.1 Discourse versions prior to 2026.1.2 **Description** Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the onebox method in the SharedAiConversation model renders the conversation title directly into HTML without proper sanitization. This could allow for potential issues related to the display of conversation titles. **Recommendations** Update Discourse to version 2026.3.0-latest.1 or later. Update Discourse to version 2026.2.1 or later. Update Discourse to version 2026.1.2 or later. As a workaround, tighten access by changing the `ai bot public sharing allowed groups` site setting.

**Name of the Vulnerable Software and Affected Versions** Outline versions prior to 1.5.0 **Description** Outline is a collaborative documentation service. Prior to version 1.5.0, a logic flaw exists in the filtering mechanism of the `/events.list` API endpoint, which is used to retrieve activity logs. This flaw allows any authenticated user to access activity events related to documents lacking a collection (such as Private Drafts and Deleted Documents), bypassing standard permission controls. While the document content itself is not directly exposed, sensitive metadata is leaked, including Document IDs, user activity timestamps, and, in some cases, the Document Title of Permanent Delete. The leakage of valid Document IDs from deleted drafts compromises the randomness of UUIDs, simplifying the exploitation of high-severity IDOR attacks, like those affecting the `documents.restore` function. **Recommendations** Versions prior to 1.5.0 should be updated to version 1.5.0 or later.

**Name of the Vulnerable Software and Affected Versions** Outline versions prior to 1.4.0 **Description** Outline is a collaborative documentation service. A security issue exists in the document restoration logic that allows any team member to restore, view, and take ownership of deleted drafts belonging to other users, including administrators, without authorization. This is due to a bypass of ownership validation during the restoration process, potentially allowing an attacker to access sensitive private information and prevent the original owner from accessing their content. The issue does not affect versions 1.4.0 and later. **Recommendations** Versions prior to 1.4.0 should be updated to version 1.4.0 or later.

**Name of the Vulnerable Software and Affected Versions** Flowise versions prior to 3.0.13 **Description** Flowise, a drag & drop user interface for building customized large language model flows, contains a Server-Side Request Forgery (SSRF) issue. The application exposes an HTTP Node within AgentFlow and Chatflow that makes server-side HTTP requests using URLs controlled by the user. There are no restrictions on the target hosts, allowing requests to private IP ranges, localhost, or cloud metadata endpoints. This enables an attacker interacting with a publicly exposed chatflow to force the Flowise server to make requests to internal network resources that are otherwise inaccessible from the public internet. **Recommendations** Update to version 3.0.13 or later.

**Name of the Vulnerable Software and Affected Versions** n8n versions prior to 1.118.0 n8n versions prior to 2.4.0 **Description** n8n is a workflow automation platform. A flaw in the Merge node’s SQL Query mode permitted authenticated users with workflow creation or modification rights to write arbitrary files to the n8n server’s filesystem, potentially resulting in remote code execution. The issue affects users with the ability to create or modify workflows. **Recommendations** Update to n8n version 1.118.0 or later. Update to n8n version 2.4.0 or later.

**Name of the Vulnerable Software and Affected Versions** n8n versions prior to 1.114.0 **Description** n8n is a workflow automation platform. A stored Cross-Site Scripting (XSS) issue may occur when using the “Respond to Webhook” node in versions before 1.114.0. If this node responds with HTML content containing executable scripts, the payload may execute directly in the top-level window. This can allow a malicious actor with workflow creation permissions to execute arbitrary JavaScript in the n8n editor interface. **Recommendations** Restrict workflow creation and modification privileges to trusted users only. Avoid using untrusted HTML responses in the “Respond to Webhook” node. Use an external reverse proxy or HTML sanitizer to filter responses that include executable scripts.