CVE-2026-32243 | Discourse up to 2026.1.2/2026.2.1 cross site scripting

March 31, 2026 Yanac

A vulnerability was found in Discourse up to 2026.1.2/2026.2.1 and classified as problematic. The affected element is an unknown function. Such manipulation leads to cross site scripting.

This vulnerability is referenced as CVE-2026-32243. It is possible to launch the attack remotely. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More