{"id":9255,"date":"2025-07-29T15:45:20","date_gmt":"2025-07-29T15:45:20","guid":{"rendered":"http:\/\/localhost\/?p=9255"},"modified":"2025-07-29T15:45:20","modified_gmt":"2025-07-29T15:45:20","slug":"discourses-webauthn-challenge-isnt-cleared-from-user-session-after-authentication","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=9255","title":{"rendered":"Discourse’s WebAuthn challenge isn’t cleared from user session after authentication"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nDiscourse’s WebAuthn challenge isn’t cleared from user session after authentication<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-07-29T19:24:06.076Z<\/td>\n<\/tr>\n
Modified<\/th>\n2025-07-29T19:33:43.304Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\ndiscourse<\/td>\n<\/tr>\n
Product<\/th>\ndiscourse<\/td>\n<\/tr>\n
Version<\/th>\n>= 3.5.0.beta1, < 3.5.0.beta.8<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n8.2 (HIGH)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:H\/AT:P\/PR:N\/UI:N\/VC:H\/VI:N\/VA:N\/SC:N\/SI:N\/SA:N<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA vulnerability in Discourse allows the WebAuthn challenge to remain in the user’s session after authentication, potentially enabling reuse and increasing security risks. This issue is fixed in versions 3.4.7 and 3.5.0.beta.8.<\/td>\n<\/tr>\n
AI Severity<\/th>\nHigh<\/td>\n<\/tr>\n
AI Vendor<\/th>\nDiscourse Foundation<\/td>\n<\/tr>\n
AI Product<\/th>\nDiscourse<\/td>\n<\/tr>\n
AI Version<\/th>\n3.5.0.beta1, 3.5.0.beta8, 3.4.7<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n