CVE-2025-58055
Severity CVSS v4.0:
Pending analysis
Type:
CWE-284
Improper Access Control
Publication date:
01/10/2025
Last modified:
23/10/2025
Description
Discourse is an open-source community discussion platform. In versions 3.5.0 and below, the Discourse AI suggestion endpoints for topic “Title”, “Category”, and “Tags” allowed authenticated users to extract information about topics that they weren’t authorized to access. By modifying the “topic_id” value in API requests to the AI suggestion endpoints, users could target specific restricted topics. The AI model’s responses then disclosed information that the authenticated user couldn’t normally access. This issue is fixed in version 3.5.1. To workaround this issue, users can restrict group access to the AI helper feature through the "composer_ai_helper_allowed_groups" and "post_ai_helper_allowed_groups" site settings.
Impact
Base Score 3.x
4.30
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:discourse:discourse:*:*:*:*:stable:*:*:* | 3.5.1 (excluding) | |
| cpe:2.3:a:discourse:discourse:*:*:*:*:beta:*:*:* | 3.6.0 (excluding) | |
| cpe:2.3:a:discourse:discourse:3.6.0:beta1:*:*:beta:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://github.com/discourse/discourse/commit/28d569cae9b33cd55d647bf41806106e33d975c9
- https://github.com/discourse/discourse/security/advisories/GHSA-32v2-x274-vfhr
- https://www.vicarius.io/vsociety/posts/cve-2025-58055-detect-discourse-vulnerability
- https://www.vicarius.io/vsociety/posts/cve-2025-58055-mitigate-discourse-vulnerability