Discourse
cpe:2.3:a:discourse:discourse:*:*:*:*:*:*:*
- >= 2026.2.0-latest
- >= 2026.1.0-latest
An Insecure Direct Object Reference (IDOR) vulnerability has been identified in Discourse, an open-source discussion platform. This issue affects versions prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2. The vulnerability allows any authenticated user to access restricted metadata about AI personas, features, and LLM models simply by supplying their identifiers, without an authorization check on the requesting user. The exposed information includes credit allocations and usage statistics, which are not meant for public disclosure. The vulnerability is exploitable over the network, requires only low privileges (any logged-in user), and has a low impact on confidentiality, with no effect on integrity or availability.
Exploitation of this vulnerability leads to unauthorized access to sensitive metadata about AI personas, features, and LLM models, including credit allocations and usage statistics, which are not intended to be public.
Users can upgrade to Discourse versions 2026.3.0-latest.1, 2026.2.1, or 2026.1.2, all of which include the necessary patch. Alternatively, the AI plugin can be disabled to mitigate the issue.