Skip to content

Malicious footnote markup may cause client side errors.

Moderate
jomaxro published GHSA-58vr-c56v-qr57 Dec 14, 2021

Package

discourse-footnote (Discourse)

Affected versions

stable <= 0.1

Patched versions

stable >= 0.2

Description

Impact

Malicious footnote markup may cause client side errors.

Patches

0.2

Workarounds

Editing the offending post from the rails console or the database console for self-hosters, or disabling the plugin in the admin panel.

Severity

Moderate

CVE ID

CVE-2021-43827

Weaknesses