CVE-2026-27740

Discourse is an open-source discussion platform. Versions prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 have a cross-site scripting vulnerability that arises because the system trusts the raw output from an AI Large Language Model (LLM) and renders it using htmlSafe in the Review Queue interface without adequate sanitization. A malicious attacker can use valid Prompt Injection techniques to force the AI to return a malicious payload (e.g., tags). When a Staff member (Admin/Moderator) views the flagged post in the Review Queue, the payload executes. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain a patch. As a workaround, temporarily disable AI triage automation scripts.

CVSS v3 6.1 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://github.com/discourse/discourse/commit/44b84439df7e4424b2e7f216fd8fdd7dacff2227	Patch
https://github.com/discourse/discourse/commit/8ae7cb2414d6918d7fc45e1fda7ffbb32912a975	Patch
https://github.com/discourse/discourse/commit/ed70949f2c047196f33cfa94f2819df29c5d1e5f	Patch
https://github.com/discourse/discourse/security/advisories/GHSA-95hc-42c6-wvvr	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:discourse:discourse::::::::
	cpe:2.3:a:discourse:discourse::::::::
	cpe:2.3:a:discourse:discourse:2026.3.0::::latest:::

History

25 Mar 2026, 00:58

Type	Values Removed	Values Added
Summary		(es) Discourse es una plataforma de discusión de código abierto. Las versiones anteriores a 2026.3.0-latest.1, 2026.2.1 y 2026.1.2 tienen una vulnerabilidad de cross-site scripting que surge porque el sistema confía en la salida sin procesar de un Modelo de Lenguaje Grande de IA (LLM) y la renderiza usando htmlSafe en la interfaz de la Cola de Revisión sin una sanitización adecuada. Un atacante malicioso puede usar técnicas válidas de Inyección de Prompt para forzar a la IA a devolver una carga útil maliciosa (p. ej., etiquetas). Cuando un miembro del personal (Administrador/Moderador) ve la publicación marcada en la Cola de Revisión, la carga útil se ejecuta. Las versiones 2026.3.0-latest.1, 2026.2.1 y 2026.1.2 contienen un parche. Como solución alternativa, deshabilite temporalmente los scripts de automatización de triaje de IA.
References	~~() https://github.com/discourse/discourse/commit/44b84439df7e4424b2e7f216fd8fdd7dacff2227 -~~	() https://github.com/discourse/discourse/commit/44b84439df7e4424b2e7f216fd8fdd7dacff2227 - Patch
References	~~() https://github.com/discourse/discourse/commit/8ae7cb2414d6918d7fc45e1fda7ffbb32912a975 -~~	() https://github.com/discourse/discourse/commit/8ae7cb2414d6918d7fc45e1fda7ffbb32912a975 - Patch
References	~~() https://github.com/discourse/discourse/commit/ed70949f2c047196f33cfa94f2819df29c5d1e5f -~~	() https://github.com/discourse/discourse/commit/ed70949f2c047196f33cfa94f2819df29c5d1e5f - Patch
References	~~() https://github.com/discourse/discourse/security/advisories/GHSA-95hc-42c6-wvvr -~~	() https://github.com/discourse/discourse/security/advisories/GHSA-95hc-42c6-wvvr - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.1
First Time		Discourse Discourse discourse
CPE		cpe:2.3:a:discourse:discourse:2026.3.0::::latest::: cpe:2.3:a:discourse:discourse::::::::

19 Mar 2026, 21:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-19 21:17

Updated : 2026-03-25 00:58

NVD link : CVE-2026-27740

Mitre link : CVE-2026-27740

CVE.ORG link : CVE-2026-27740

JSON object : View

Products Affected

discourse

discourse

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

6.1 /10