websafe-kb/08-threat-intel/registry/advisories/discourse--c9760a2b16.json

{
"canonical_id": "discourse--c9760a2b16",
"system_id": "discourse",
"display_name": "Discourse",
"category": "cms",
"advisory_mode": "core",
"title": "Release v2025.12.0: Discourse Rewind, new review queue and UI to create tags, Chat channel customisation, and live PR statuses",
"summary": "<h1><a name=\"p-1913075-new-features-in-v2025120-1\" class=\"anchor\" href=\"https://meta.discourse.org#p-1913075-new-features-in-v2025120-1\" aria-label=\"Heading link\"></a>New features in v2025.12.0</h1>\n<h3><a name=\"p-1913075-discourse-rewind-2\" class=\"anchor\" href=\"https://meta.discourse.org#p-1913075-discourse-rewind-2\" aria-label=\"Heading link\"></a>Discourse Rewind</h3>\n<p>Discourse Rewind is an end-of-year activity summary for your members that lets your members celebrate the year in style. Members will enjoy the cool retro computing design of Rewind and seeing interesting stats about their activity, writing, and other contributions to the community. <a href=\"https://meta.discourse.org/t/discourse-rewind/390847\">Learn more\u2026</a></p>\n<p><img src=\"https://d11a6trkgmumsb.cloudfront.net/original/4X/c/f/e/cfeec4814d1967b24e3f80f9b2c013ca63913885.gif\" alt=\"rewind-video\" data-base62-sha1=\"tFsop0sxH3pIbafJJD9m43tysQt\" width=\"525\" height=\"500\" class=\"animated\"></p>\n<h3><a name=\"p-1913075-new-and-improved-review-queue-3\" class=\"anchor\" href=\"https://meta.discourse.org#p-1913075-new-and-improved-review-queue-3\" aria-label=\"Heading link\"></a>New and improved review queue</h3>\n<p>We recently enabled the new review queue for everyone by default. It now has a completely refreshed layout so that moderators can find vital information at a glance, and more easily resolve issues flagged by your community. 
<a href=\"https://meta.discourse.org/t/a-new-review-queue-layout-with-all-new-features/388194\">Learn more\u2026</a></p>\n<p></p><div class=\"lightbox-wrapper\"><a class=\"lightbox\" href=\"https://d11a6trkgmumsb.cloudfront.net/original/4X/4/f/c/4fc13d6527d9e9c9b00ea2c32bf6a56db7ce1919.png\" data-download-href=\"/uploads/short-url/bnxJxJ800SmxpYF3l8i4zdBYCJb.png?dl=1\" title=\"review-queue\"><img src=\"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/4/f/c/4fc13d6527d9e9c9b00ea2c32bf6a56db7ce1919_2_678x500.png\" alt=\"review-queue\" data-base62-sha1=\"bnxJxJ800SmxpYF3l8i4zdBYCJb\" width=\"678\" height=\"500\" srcset=\"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/4/f/c/4fc13d6527d9e9c9b00ea2c32bf6a56db7ce1919_2_678x500.png, https://d11a6trkgmumsb.cloudfront.net/optimized/4X/4/f/c/4fc13d6527d9e9c9b00ea2c32bf6a56db7ce1919_2_1017x750.png 1.5x, https://d11a6trkgmumsb.cloudfront.net/optimized/4X/4/f/c/4fc13d6527d9e9c9b00ea2c32bf6a56db7ce1919_2_1356x1000.png 2x\" data-dominant-color=\"EBEBEA\"></a></div><p></p>\n<h3><a name=\"p-1913075-live-pull-request-status-on-github-oneboxes-4\" class=\"anchor\" href=\"https://meta.discourse.org#p-1913075-live-pull-request-status-on-github-oneboxes-4\" aria-label=\"Heading link\"></a>Live Pull Request status on GitHub oneboxes</h3>\n<p>In the <a href=\"https://meta.discourse.org/t/discourse-github/99895?tl=en\">Discourse GitHub</a> plugin, we added a live status indicator option for PR onebox previews so your members can stay on top of pull requests at a glance! 
<a href=\"https://meta.discourse.org/t/live-pull-request-status-on-github-oneboxes/390900\">Learn more\u2026</a></p>\n<p></p><div class=\"lightbox-wrapper\"><a class=\"lightbox\" href=\"https://d11a6trkgmumsb.cloudfront.net/original/4X/8/c/e/8ce70161d6b9a1dc88f4af7f461cfda7628cf207.jpeg\" data-download-href=\"/uploads/short-url/k6tLU3E1JePEoqbMhd7y3gd8w99.jpeg?dl=1\" title=\"image\"><img src=\"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/8/c/e/8ce70161d6b9a1dc88f4af7f461cfda7628cf207_2_500x499.jpeg\" alt=\"image\" data-base62-sha1=\"k6tLU3E1JePEoqbMhd7y3gd8w99\" width=\"500\" height=\"499\" srcset=\"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/8/c/e/8ce70161d6b9a1dc88f4af7f461cfda7628cf207_2_500x499.jpeg, https://d11a6trkgmumsb.cloudfront.net/optimized/4X/8/c/e/8ce70161d6b9a1dc88f4af7f461cfda7628cf207_2_750x748.jpeg 1.5x, https://d11a6trkgmumsb.cloudfront.net/optimized/4X/8/c/e/8ce70161d6b9a1dc88f4af7f461cfda7628cf207_2_1000x998.jpeg 2x\" data-dominant-color=\"272828\"></a></div><p></p>\n<h3><a name=\"p-1913075-star-your-favorite-chat-channels-for-easy-access-5\" class=\"anchor\" href=\"https://meta.discourse.org#p-1913075-star-your-favorite-chat-channels-for-easy-access-5\" aria-label=\"Heading link\"></a>Star your favorite chat channels for easy access</h3>\n<p>To make it easier to find your most important conversations, we\u2019ve added the ability to star your favorite channels, group chats, and DMs. This is a great way to organize chat when you belong to many channels and want to ensure the most important ones remain easy to access. 
<a href=\"https://meta.discourse.org/t/star-your-favorite-chat-channels-for-easy-access/390713\">Learn more\u2026</a></p>\n<p></p><div class=\"lightbox-wrapper\"><a class=\"lightbox\" href=\"https://d11a6trkgmumsb.cloudfront.net/original/4X/e/3/7/e37c2177b50dc89602d413c6a276cc39b9f422c8.png\" data-download-href=\"/uploads/short-url/wsqkKqXWlKXTqyOyLXL0NlIzc5q.png?dl=1\" title=\"image\"><img src=\"https://d11a6trkgmumsb.cloudfront.net/original/4X/e/3/7/e37c2177b50dc89602d413c6a276cc39b9f422c8.png\" alt=\"image\" data-base62-sha1=\"wsqkKqXWlKXTqyOyLXL0NlIzc5q\" width=\"601\" height=\"500\"></a></div><p></p>\n<p>Also, you can now <a href=\"https://meta.discourse.org/t/customize-chat-channels-with-an-emoji/390292\" class=\"inline-onebox\">Customize chat channels with an emoji</a> on the channel settings page:</p>\n<p></p><div class=\"lightbox-wrapper\"><a class=\"lightbox\" href=\"https://d11a6trkgmumsb.cloudfront.net/original/4X/7/1/0/71082fc362e1cb1fd4f9d3754f344b10c09b48e7.png\" data-download-href=\"/uploads/short-url/g7VuCeqcgROM674LHbQ5VVgqDqL.png?dl=1\" title=\"drawer-channel-emojis\"><img src=\"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/7/1/0/71082fc362e1cb1fd4f9d3754f344b10c09b48e7_2_345x187.png\" alt=\"drawer-channel-emojis\" data-base62-sha1=\"g7VuCeqcgROM674LHbQ5VVgqDqL\" width=\"345\" height=\"187\" srcset=\"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/7/1/0/71082fc362e1cb1fd4f9d3754f344b10c09b48e7_2_345x187.png, https://d11a6trkgmumsb.cloudfront.net/optimized/4X/7/1/0/71082fc362e1cb1fd4f9d3754f344b10c09b48e7_2_517x280.png 1.5x, https://d11a6trkgmumsb.cloudfront.net/optimized/4X/7/1/0/71082fc362e1cb1fd4f9d3754f344b10c09b48e7_2_690x374.png 2x\" data-dominant-color=\"FBFBFB\"></a></div><p></p>\n<h3><a name=\"p-1913075-easier-tag-creation-6\" class=\"anchor\" href=\"https://meta.discourse.org#p-1913075-easier-tag-creation-6\" aria-label=\"Heading link\"></a>Easier tag creation</h3>\n<p>You can now create one or more tags right from the 
<code>/tags</code> index page. <a href=\"https://meta.discourse.org/t/you-can-now-create-new-tags-on-the-tags-page/391475\">Learn more\u2026</a></p>\n<p></p><div class=\"lightbox-wrapper\"><a class=\"lightbox\" href=\"https://d11a6trkgmumsb.cloudfront.net/original/4X/9/1/d/91de82e0b4257ebae6ea379153b46ce68ca18890.png\" data-download-href=\"/uploads/short-url/kOpXBqNHIG09tcbbGlEdgtoDyAE.png?dl=1\" title=\"image\"><img src=\"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/9/1/d/91de82e0b4257ebae6ea379153b46ce68ca18890_2_689x155.png\" alt=\"image\" data-base62-sha1=\"kOpXBqNHIG09tcbbGlEdgtoDyAE\" width=\"689\" height=\"155\" srcset=\"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/9/1/d/91de82e0b4257ebae6ea379153b46ce68ca18890_2_689x155.png, https://d11a6trkgmumsb.cloudfront.net/optimized/4X/9/1/d/91de82e0b4257ebae6ea379153b46ce68ca18890_2_1033x232.png 1.5x, https://d11a6trkgmumsb.cloudfront.net/optimized/4X/9/1/d/91de82e0b4257ebae6ea379153b46ce68ca18890_2_1378x310.png 2x\" data-dominant-color=\"FCFCFD\"></a></div><p></p>\n<h3><a name=\"p-1913075-allow-members-to-run-personal-reports-7\" class=\"anchor\" href=\"https://meta.discourse.org#p-1913075-allow-members-to-run-personal-reports-7\" aria-label=\"Heading link\"></a>Allow members to run personal reports</h3>\n<p>In the <a href=\"https://meta.discourse.org/t/32566?silent=true\">Data Explorer</a> plugin, we introduced a new <code>current_user_id</code> parameter type that can automatically connect to the ID of the user running the query. This enables secure \u201cpersonal data\u201d queries in group reports where members can run queries filtered to their own accounts. 
<a href=\"https://github.com/discourse/discourse/pull/36655\">Learn more\u2026</a></p>\n<p></p><div class=\"lightbox-wrapper\"><a class=\"lightbox\" href=\"https://d11a6trkgmumsb.cloudfront.net/original/4X/c/6/c/c6c3fa688379f79398e005a1c8da2eb43ed0913a.jpeg\" data-download-href=\"/uploads/short-url/smmq44vHs9kqo5BMhlyqrWMByKS.jpeg?dl=1\" title=\"image\"><img src=\"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/c/6/c/c6c3fa688379f79398e005a1c8da2eb43ed0913a_2_517x347.jpeg\" alt=\"image\" data-base62-sha1=\"smmq44vHs9kqo5BMhlyqrWMByKS\" width=\"517\" height=\"347\" srcset=\"https://d11a6trkgmumsb.cloudfront.net/optimized/4X/c/6/c/c6c3fa688379f79398e005a1c8da2eb43ed0913a_2_517x347.jpeg, https://d11a6trkgmumsb.cloudfront.net/optimized/4X/c/6/c/c6c3fa688379f79398e005a1c8da2eb43ed0913a_2_775x520.jpeg 1.5x, https://d11a6trkgmumsb.cloudfront.net/optimized/4X/c/6/c/c6c3fa688379f79398e005a1c8da2eb43ed0913a_2_1034x694.jpeg 2x\" data-dominant-color=\"282929\"></a></div><p></p>\n<h2><a name=\"p-1913075-security-updates-8\" class=\"anchor\" href=\"https://meta.discourse.org#p-1913075-security-updates-8\" aria-label=\"Heading link\"></a>Security Updates</h2>\n<p>This release includes fixes for these security issues reported by our community and <a href=\"https://hackerone.com/discourse\">HackerOne</a>.</p>\n<ul>\n<li>Users are able to find users by name even when <code>enable_names</code> is off <a href=\"https://github.com/discourse/discourse/security/advisories/GHSA-c59w-jwx7-34v4\">(CVE-2025-64528)</a></li>\n</ul>\n <p><small>2 posts - 2 participants</small></p>\n <p><a href=\"https://meta.discourse.org/t/release-v2025-12-0-discourse-rewind-new-review-queue-and-ui-to-create-tags-chat-channel-customisation-and-live-pr-statuses/392314\">Read full topic</a></p>",
"published_at": "Tue, 30 Dec 2025 15:06:45 +0000",
"updated_at": "Tue, 30 Dec 2025 15:06:45 +0000",
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://meta.discourse.org/t/release-v2025-12-0-discourse-rewind-new-review-queue-and-ui-to-create-tags-chat-channel-customisation-and-live-pr-statuses/392314",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"xss-output-encoding",
"plugin-extension-trust-policy",
"file-upload-validation"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"entity_refs": [
{
"entity_id": "discourse",
"entity_type": "system",
"relation": "root-system",
"root_system_id": "discourse",
"official": true
}
],
"affected_components": [
{
"name": "Discourse",
"entity_id": "discourse",
"scope": "core",
"package_name": null,
"official": true
}
],
"affected_version_ranges": [],
"fixed_version_ranges": [],
"introduced_version": null,
"patched_version": null,
"version_evidence_sources": [
"https://meta.discourse.org/t/release-v2025-12-0-discourse-rewind-new-review-queue-and-ui-to-create-tags-chat-channel-customisation-and-live-pr-statuses/392314"
],
"advisory_scope": "core",
"version_confidence": "low",
"version_gap_reason": "official bulletin or aggregated source did not expose explicit affected/fixed versions",
"version_resolution_needed": true,
"workflow": {
"workflow_id": "discourse--c9760a2b16--workflow",
"vuln_family": "xss",
"entry_surface": "web-ui-render-path",
"preconditions": [
"Execute only against lab-local, lab-public, or explicitly authorized targets.",
"Confirm the target matches the version assertion: the version match must be manually confirmed from the advisory, lock file, version page, or about page.",
"If the object belongs to `core`, first confirm the extension/repository/package is enabled and running an affected version."
],
"required_role": "editor-or-admin",
"affected_version_assertion": [
"The version match must be manually confirmed from the advisory, lock file, version page, or about page."
],
"trigger_vector": "Deliver minimal, auditable, and rollbackable controlled input to the `xss` family entry point and compare the behaviour before and after the fix.",
"request_or_ui_path": [
"/admin/editor",
"/preview",
"/rendered-content"
],
"input_shape": "Controlled HTML/Markdown/rich-text input; observe whether the rendering context loses encoding or sanitization.",
"expected_unsafe_behavior": "The input executes in the target context or is interpreted by the browser as active content.",
"server_evidence_points": [
"Hit paths, authorization decisions, and exception stack traces in the application log",
"Request headers, source IPs, and routing decisions in reverse proxy or edge-layer logs"
],
"browser_evidence_points": [
"DOM/visual differences between the baseline screenshot and the post-test screenshot",
"Anomalous signals in the console, network, and response metadata"
],
"db_or_fs_evidence_points": [
"Test data newly added to, or read without authorization from, the database",
"Newly added upload samples, cache entries, or traces of unauthorized reads in the file system"
],
"detection_signals": [
"WAF / reverse proxy anomaly logs, access logs, and alerts",
"Permission errors, redirect anomalies, template rendering, or upload-to-disk events in the application audit log"
],
"mitigation_summary": "Prioritize upgrading to the fixed version, and at the same time tighten input validation, server-side authorization, proxy trust boundaries, extension installation trust, and audit logging.",
"patch_validation_steps": [
"Confirm the target version has been upgraded or moved from the `affected version range` to the `fixed version`.",
"Keep the same set of controlled inputs, run them before and after the fix, and compare responses, logs, and browser evidence.",
"Confirm that after the fix only the expected business behaviour remains, and that no privilege escalation, reflection, abnormal rendering, or erroneous requests are triggered.",
"Add automated regression tests for the `xss` family so that similar paths do not regress in plugins, themes, or proxy chains."
],
"lab_safety_notes": [
"Use only loopback addresses, sentinel targets, harmless samples, or rollbackable test data.",
"Do not cause persistent damage, download real data without authorization, or produce irreversible side effects.",
"If browser evidence is needed, keep both baseline and proof snapshots as well as console / network records."
],
"review_state": "needs-version-gap-review"
},
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"historical_status": null,
"latest_status": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Discourse Release Notes RSS"
],
"source_kinds": [
"rss-feed"
],
"candidate_count": 1,
"entity_ref_count": 1,
"advisory_scope": "core",
"version_confidence": "low",
"workflow_id": "discourse--c9760a2b16--workflow"
}
}