5 matches found
CVE-2024-54142
Discourse AI is a Discourse plugin which provides a number of AI features. When sharing Discourse AI Bot conversations into posts, if the conversation had HTML entities those could leak into the Discourse application when a user visited a post with a onebox to said conversation. This issue has be...
CVE-2024-54142
creationtimestamp| type| source ---|---|--- 2025-01-14 23:09:31+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1636 2025-01-14 23:48:51+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/113829381717176763 2025-01-15 00:53:37+00:00| seen|...
CVE-2024-54142 Cross-site Scripting via Discourse-ai SharedAiConversation onebox in Discourse
Discourse AI is a Discourse plugin which provides a number of AI features. When sharing Discourse AI Bot conversations into posts, if the conversation had HTML entities those could leak into the Discourse application when a user visited a post with a onebox to said conversation. This issue has be...
CVE-2024-54142
CVE-2024-54142 concerns the Discourse AI plugin for Discourse. When sharing Discourse AI Bot conversations into posts, HTML entities in the conversation could leak into the application when a user visits a post with a onebox, enabling cross-site scripting via user-visible content. The issue is ti...
CVE-2024-54142 Cross-site Scripting via Discourse-ai SharedAiConversation onebox in Discourse
Discourse AI is a Discourse plugin which provides a number of AI features. When sharing Discourse AI Bot conversations into posts, if the conversation had HTML entities those could leak into the Discourse application when a user visited a post with a onebox to said conversation. This issue has be...