CVE-2026-32607 | Discourse up to 2026.1.2/2026.2.1 prioritize_full_name_in_ux cross site scripting

A vulnerability was found in Discourse up to 2026.1.2/2026.2.1. It has been declared as problematic. This affects the function prioritize_full_name_in_ux. Executing a manipulation can lead to cross site scripting.

This vulnerability is tracked as CVE-2026-32607. The attack can be launched remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More