CVE-2025-59337 | Discourse up to 3.5.0 Backup Dump command injection (GHSA-7xjr-4f4g-9887)

A vulnerability labeled as critical has been found in Discourse up to 3.5.0. Impacted is an unknown function of the component Backup Dump Handler. Such manipulation leads to command injection.

This vulnerability is uniquely identified as CVE-2025-59337. The attack can be launched remotely. No exploit exists.

The affected component should be upgraded.VulDB Recent EntriesRead More