Server-Side Request Forgery (SSRF) in Discourse - CVE-2023-28112
Published: March 17, 2023 / Updated: July 1, 2026
Discourse
Detailed vulnerability description
The vulnerability allows a remote user to trigger outbound network connections to private IP addresses from the server.
The vulnerability exists due to improper access control in FastImage requests when processing user-supplied URLs. A remote user can supply a crafted URL to trigger outbound network connections to private IP addresses from the server.
The issue affects some user-provided URLs that were passed to FastImage without SSRF protection.