CVE-2026-32273 | Discourse up to 2026.1.2/2026.2.1 Description cross site scripting

A vulnerability classified as problematic has been found in Discourse up to 2026.1.2/2026.2.1. This issue affects some unknown processing of the component Description Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2026-32273. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More