CVE-2025-67723 Discourse vulnerable to stored Cross-site Scripting via Katex in discourse-math plugin

🗓️ 28 Jan 2026 18:21:35Reported by GitHub_MType

CVE-2025-67723: Stored XSS via KaTeX in discourse-math plugin; fixes available.

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2025-67723	28 Jan 202618:21	–	attackerkb
Circl	CVE-2025-67723	28 Jan 202619:46	–	circl
CNNVD	Discourse security vulnerabilities	28 Jan 202600:00	–	cnnvd
CVE	CVE-2025-67723	28 Jan 202618:21	–	cve
EUVD	EUVD-2025-206450	28 Jan 202618:21	–	euvd
NVD	CVE-2025-67723	28 Jan 202619:16	–	nvd
OSV	BIT-DISCOURSE-2025-67723 Discourse vulnerable to stored Cross-site Scripting via Katex in discourse-math plugin	2 Feb 202608:42	–	osv
OSV	CVE-2025-67723 Discourse vulnerable to stored Cross-site Scripting via Katex in discourse-math plugin	28 Jan 202618:21	–	osv
Positive Technologies	PT-2026-5181	28 Jan 202600:00	–	ptsecurity
RedhatCVE	CVE-2025-67723	29 Jan 202621:21	–	redhatcve

[
  {
    "vendor": "discourse",
    "product": "discourse",
    "versions": [
      {
        "version": "< 3.5.4",
        "status": "affected"
      },
      {
        "version": ">= 2025.11.0-latest, < 2025.11.2",
        "status": "affected"
      },
      {
        "version": ">= 2025.12.0-latest, < 2025.12.1",
        "status": "affected"
      },
      {
        "version": ">= 2026.1.0-latest, < 2026.1.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/discourse/discourse/security/advisories/GHSA-955h-m28g-5379

28 Jan 2026 19:28Current

CVSS 3.14.6

EPSS0.00021

CWE-79