CVE-2025-48954 – Discourse is an open-source discussion platform. V

June 25, 2025

CVE ID : CVE-2025-48954

Published : June 25, 2025, 2:15 p.m. | 14 minutes ago

Description : Discourse is an open-source discussion platform. Versions prior to 3.5.0.beta6 are vulnerable to cross-site scripting when the content security policy isn’t enabled when using social logins. Version 3.5.0.beta6 patches the issue. As a workaround, have the content security policy enabled.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticlePoking at the CSS if() Function a Little More: Conditional Color Theming

Next Article CVE-2025-6604 – SourceCodester Best Salon Management System SQL Injection Vulnerability

Highlights

CVE-2025-8763 – Ruijie EG306MG StrongSwan Aggressive Mode PSK Encryption Bypass Vulnerability

August 9, 2025

CVE ID : CVE-2025-8763

Published : Aug. 9, 2025, 6:15 p.m. | 5 hours, 25 minutes ago

Description : A vulnerability was found in Ruijie EG306MG 3.0(1)B11P309. It has been rated as problematic. This issue affects some unknown processing of the file /etc/strongswan.conf of the component strongSwan. The manipulation of the argument i_dont_care_about_security_and_use_aggressive_mode_psk leads to missing encryption of sensitive data. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 3.7 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Neptune 9.0

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Distribution Release: Neptune 9.0

Distribution Release: Neptune 9.0

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

CVE-2025-48954 – Discourse is an open-source discussion platform. V

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

How iPadOS 26 convinced me to switch from Mac to iPad full-time – and why I don’t regret it

Powerful Motion Graphics Frameworks for Developers

Microsoft komt met script voor herstellen inetpub-map op Windowssystemen

CVE-2025-4123 – Grafana Cross-Site Scripting (XSS) via Client Path Traversal and Open Redirect

CVE-2025-8763 – Ruijie EG306MG StrongSwan Aggressive Mode PSK Encryption Bypass Vulnerability

CVE-2025-29573 – Mezzanine CMS Forms Module XSS Vulnerability

CVE-2025-52810 – TMRW-studio Katerio Magazine Path Traversal PHP Local File Inclusion Vulnerability

CVE-2025-46553 – Misskey/summaly Allow Redirects Bypass Vulnerability

CVE-2025-48954 – Discourse is an open-source discussion platform. V

Related Posts