PT-2025-31259 · Discourse · Discourse
Published
2025-07-29
·
Updated
2025-08-11
·
CVE-2025-53102
CVSS v4.0
8.2
High
| Vector | AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Discourse versions prior to 3.4.7 on the
stable branch
Discourse versions prior to 3.5.0.beta.8 on the tests-passed branchDescription
Discourse is an open-source community discussion platform. Upon issuing a physical security key for two-factor authentication (2FA), the server generates a WebAuthn challenge, which the client signs. The challenge is not cleared from the user’s session after authentication, potentially allowing reuse and increasing security risk.
Recommendations
Update Discourse to version 3.4.7 on the
stable branch.
Update Discourse to version 3.5.0.beta.8 on the tests-passed branch.Exploit
Fix
Session Fixation
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Discourse