CVE-2023-28112
Discourse (open‑source discussion platform) has a CVE-2023-28112 issue affecting the beta and tests-passed branches prior to 3.1.0.beta3. The root cause is missing SSRF protection in how some user-provided URLs are passed to FastImage, enabling outbound connections from the Discourse server to pr...