I have found a potentially concerning issue with the Terms of Service page on all Discourse installs (including try.discourse.org).
The ToS section 7, Content Posted on Other Websites, contains links to non-currentdomain.tld.
These links are clickable because they are parsed just like any other post.
This allows for domain-squatting unregistered non-currentdomain.tld in some cases. A good example of this is https://forum.openwrt.org/tos#5
As a proof of point, I have registered non-openwrt.org.
You can see my “detailed” write-up here: ComputeCode - Non-OpenWrt
I did not see this bug as worthy of a security bounty. But if you would like this submitted as one please let me know.
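A check for this class of issue, added here as an example and not part of the original post or of Discourse's own code: it parses a rendered ToS fragment (constructed sample markup, not Discourse's actual output) and flags anchors whose host is the unreplaced template placeholder or the "non-" form of the site's own domain, i.e. hosts the site operator does not control.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample of a rendered ToS section. The template placeholder was
# filled in for the site's own domain, but the negated "non-" host and a
# leftover literal placeholder were linkified just like any other post text.
SAMPLE_TOS_HTML = """
<h2>Content Posted on Other Websites</h2>
<p>We have not reviewed all websites linked from
<a href="https://forum.openwrt.org">forum.openwrt.org</a>.
Content hosted on <a href="http://non-openwrt.org">non-openwrt.org</a>
or <a href="http://non-currentdomain.tld">non-currentdomain.tld</a>
is not under our control.</p>
"""


class LinkCollector(HTMLParser):
    """Collect every href value found on <a> tags."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            for name, value in attrs:
                if name == "href" and value:
                    self.hrefs.append(value)


def find_placeholder_links(html, site_domain):
    """Return hrefs whose host is the literal template placeholder or the
    'non-' negation of site_domain. Such hosts are not operated by the site,
    so any registrable one is a squatting candidate and should be rendered
    as plain text rather than as a clickable link."""
    parser = LinkCollector()
    parser.feed(html)
    site_domain = site_domain.lower()
    suspicious = {
        "currentdomain.tld",
        "non-currentdomain.tld",
        "non-" + site_domain,
    }
    flagged = []
    for href in parser.hrefs:
        host = (urlsplit(href).hostname or "").lower()
        if host in suspicious:
            flagged.append(href)
    return flagged
```

Running it against a live ToS page (fetch the HTML, pass the site's registered domain) lists exactly the links an operator should unlink or reword.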