Discourse AI Helper Insecure Direct Object Reference Vulnerability

Vulnerability

A vulnerability in the Discourse AI suggestion endpoints for topics, in versions 3.5.0 and below, allows authenticated users to access information from restricted topics. By altering the 'topic_id' in API requests to the AI suggestion endpoints for 'Title', 'Category', and 'Tags', a user can retrieve data from topics they are not authorized to view. The vulnerability arises from insufficient access controls, which let users exploit the AI suggestion feature to gain unauthorized insight into private or restricted discussions. This issue has been addressed in Discourse version 3.5.1.

Impact

Exploitation of this vulnerability could lead to unauthorized access to information from restricted topics, allowing users to view details they would not normally be privy to.

Reproduction

To reproduce this vulnerability, an authenticated user can send a request to the Discourse AI suggestion endpoints for 'Title', 'Category', or 'Tags', including a 'topic_id' that corresponds to a restricted topic. The response will contain information from the targeted topic, which the user is not authorized to access.

Remediation

Users can upgrade to Discourse version 3.5.1 or later. Additionally, group access to the AI helper feature can be restricted using the 'composer_ai_helper_allowed_groups' and 'post_ai_helper_allowed_groups' site settings.
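
The missing access check described above, shown as an added example that is not Discourse's own code: a constructed Ruby model of a suggestion handler that trusts 'topic_id', next to one that authorizes the topic for the requesting user. All names ('suggest_vulnerable', 'suggest_hardened', 'can_see?', the sample topics and groups) are hypothetical, and 'AI_HELPER_ALLOWED_GROUPS' only stands in for the site settings named above.

```ruby
# Constructed model of an IDOR in a suggestion endpoint; every name is hypothetical.
require "set"

Topic = Struct.new(:id, :title, :allowed_groups) # empty allowed_groups = public
User  = Struct.new(:name, :groups)

# Constructed sample data.
TOPICS = {
  1 => Topic.new(1, "Welcome thread", Set[]),
  2 => Topic.new(2, "Staff-only incident notes", Set["staff"]),
}.freeze

# Stand-in for the *_ai_helper_allowed_groups site settings.
AI_HELPER_ALLOWED_GROUPS = Set["trust_level_1"]

class Forbidden < StandardError; end
class NotFound < StandardError; end

# Stand-in for the model call: the suggestion is derived from topic content,
# so whoever receives it learns something about that topic.
def suggest_title(topic)
  "Suggested: #{topic.title}"
end

def can_see?(user, topic)
  topic.allowed_groups.empty? || !(topic.allowed_groups & user.groups).empty?
end

# Before: topic_id comes from the request and the caller is never consulted.
def suggest_vulnerable(user, topic_id)
  topic = TOPICS.fetch(topic_id) { raise NotFound }
  suggest_title(topic)
end

# After: feature gate first, then per-object authorization for this user.
def suggest_hardened(user, topic_id)
  raise Forbidden if (AI_HELPER_ALLOWED_GROUPS & user.groups).empty?
  topic = TOPICS[topic_id]
  # Same error for "missing" and "not visible", so the endpoint is not an
  # existence oracle for restricted topic ids.
  raise NotFound if topic.nil? || !can_see?(user, topic)
  suggest_title(topic)
end
```

In this model the group gate only narrows who can call the helper; the per-topic check is what stops a permitted caller from reading a topic they cannot see.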

Added: Oct 1, 2025, 7:20 PM
Updated: Oct 1, 2025, 7:20 PM

Vulnerability Rating

Custom Algorithm
spread: 2.4
impact: 2.5
exploitability: 4.3
remediation: 8.3
relevance: 0.6
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.