PT-2025-45615 — Bitnami Discourse

PT-2025-45615 · Bitnami · Discourse

Published

2025-11-06

Updated

2025-11-06

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Discourse is an open source discussion platform. Version before 3.6.2 and 3.6.0.beta2, default Cache-Control response header with value no-store, no-cache was missing from error responses. This may caused unintended caching of those responses by proxies potentially leading to cache poisoning attacks. This vulnerability is fixed in 3.6.2 and 3.6.0.beta2.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

BIT-DISCOURSE-2025-61598

Affected Products

Discourse