CVE-2024-54142

Discourse AI is a Discourse plugin which provides a number of AI features. When sharing Discourse AI Bot conversations into posts, if the conversation had HTML entities those could leak into the Discourse application when a user visited a post with a onebox to said conversation. This issue has been addressed in commit 92f122c. Users are advised to update. Users unable to update may remove all groups from ai bot public sharing allowed groups site setting.