cvelistv5 - cve-2025-22602

CVE-2025-22602 (GCVE-0-2025-22602)

Vulnerability from cvelistv5 – Published: 2025-02-04 20:51 – Updated: 2025-02-12 14:03

Summary

Discourse is an open source platform for community discussion. In affected versions an attacker can execute arbitrary JavaScript on users' browsers by posting a malicious video placeholder html element. This issue only affects sites with CSP disabled. This problem has been patched in the latest version of Discourse. Users are advised to upgrade. Users unable to upgrade should enable CSP.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

GitHub_M

References

URL

Tags

https://github.com/discourse/discourse/security/a…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	discourse	discourse	Affected: stable: <= 3.3.3 Affected: beta: <= 3.4.0.beta3 Affected: tests-passed: <= 3.4.0.beta3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-22602",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-12T14:03:21.228534Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T14:03:25.855Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "discourse",
          "vendor": "discourse",
          "versions": [
            {
              "status": "affected",
              "version": "stable: \u003c= 3.3.3"
            },
            {
              "status": "affected",
              "version": "beta: \u003c= 3.4.0.beta3"
            },
            {
              "status": "affected",
              "version": "tests-passed: \u003c= 3.4.0.beta3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Discourse is an open source platform for community discussion. In affected versions an attacker can execute arbitrary JavaScript on users\u0027 browsers by posting a malicious video placeholder html element. This issue only affects sites with CSP disabled. This problem has been patched in the latest version of Discourse. Users are advised to upgrade. Users unable to upgrade should enable CSP."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-04T20:51:56.909Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/discourse/discourse/security/advisories/GHSA-jcjx-694p-c5m3",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/discourse/discourse/security/advisories/GHSA-jcjx-694p-c5m3"
        }
      ],
      "source": {
        "advisory": "GHSA-jcjx-694p-c5m3",
        "discovery": "UNKNOWN"
      },
      "title": "Stored DOM-based XSS (without CSP) via video placeholders in Discourse"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-22602",
    "datePublished": "2025-02-04T20:51:56.909Z",
    "dateReserved": "2025-01-07T15:07:26.775Z",
    "dateUpdated": "2025-02-12T14:03:25.855Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-22602\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-02-04T21:15:27.950\",\"lastModified\":\"2025-09-26T13:01:34.363\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Discourse is an open source platform for community discussion. In affected versions an attacker can execute arbitrary JavaScript on users\u0027 browsers by posting a malicious video placeholder html element. This issue only affects sites with CSP disabled. This problem has been patched in the latest version of Discourse. Users are advised to upgrade. Users unable to upgrade should enable CSP.\"},{\"lang\":\"es\",\"value\":\"Discourse es una plataforma de c\u00f3digo abierto para debates comunitarios. En las versiones afectadas, un atacante puede ejecutar c\u00f3digo JavaScript arbitrario en los navegadores de los usuarios mediante la publicaci\u00f3n de un elemento HTML de marcador de posici\u00f3n de v\u00eddeo malicioso. Este problema solo afecta a los sitios que tienen CSP deshabilitado. Este problema se ha corregido en la \u00faltima versi\u00f3n de Discourse. Se recomienda a los usuarios que actualicen la versi\u00f3n. Los usuarios que no puedan actualizar la versi\u00f3n deben habilitar CSP.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":2.5},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:discourse:discourse:*:*:*:*:stable:*:*:*\",\"versionEndExcluding\":\"3.3.4\",\"matchCriteriaId\":\"07E7B04F-B033-48BB-AA28-8C38BE2D7334\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:discourse:discourse:*:*:*:*:beta:*:*:*\",\"versionEndExcluding\":\"3.4.0\",\"matchCriteriaId\":\"B70F4653-EB23-49AB-AF71-C39E5B6D5E5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:discourse:discourse:3.4.0:beta1:*:*:beta:*:*:*\",\"matchCriteriaId\":\"AF6D8860-8764-4EEF-9FDD-89FF932791A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:discourse:discourse:3.4.0:beta2:*:*:beta:*:*:*\",\"matchCriteriaId\":\"6A7FC47A-8C19-4E39-B0CF-ADA835A02A9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:discourse:discourse:3.4.0:beta3:*:*:beta:*:*:*\",\"matchCriteriaId\":\"8802773F-8216-4F0F-9F58-89056BFBE8B8\"}]}]}],\"references\":[{\"url\":\"https://github.com/discourse/discourse/security/advisories/GHSA-jcjx-694p-c5m3\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-22602\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-12T14:03:21.228534Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-11T21:33:17.539Z\"}}], \"cna\": {\"title\": \"Stored DOM-based XSS (without CSP) via video placeholders in Discourse\", \"source\": {\"advisory\": \"GHSA-jcjx-694p-c5m3\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"discourse\", \"product\": \"discourse\", \"versions\": [{\"status\": \"affected\", \"version\": \"stable: \u003c= 3.3.3\"}, {\"status\": \"affected\", \"version\": \"beta: \u003c= 3.4.0.beta3\"}, {\"status\": \"affected\", \"version\": \"tests-passed: \u003c= 3.4.0.beta3\"}]}], \"references\": [{\"url\": \"https://github.com/discourse/discourse/security/advisories/GHSA-jcjx-694p-c5m3\", \"name\": \"https://github.com/discourse/discourse/security/advisories/GHSA-jcjx-694p-c5m3\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Discourse is an open source platform for community discussion. In affected versions an attacker can execute arbitrary JavaScript on users\u0027 browsers by posting a malicious video placeholder html element. This issue only affects sites with CSP disabled. This problem has been patched in the latest version of Discourse. Users are advised to upgrade. Users unable to upgrade should enable CSP.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-02-04T20:51:56.909Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-22602\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-12T14:03:25.855Z\", \"dateReserved\": \"2025-01-07T15:07:26.775Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-02-04T20:51:56.909Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2025-22602

Vulnerability from fkie_nvd - Published: 2025-02-04 21:15 - Updated: 2025-09-26 13:01

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N