CVE-2023-32301

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jun 13, 2023
Updated: Jun 23, 2023
CWE ID 116

Summary

CVE-2023-32301 affects Discourse, an open-source discussion platform. Before version 3.0.4 of the stable branch and version 3.1.0.beta5 of the beta and tests-passed branches, this vulnerability allowed an attacker to create multiple duplicate topics if topic embedding was enabled. Version 3.0.4 and 3.1.0.beta5 have since been released as patches to address this issue. To mitigate the risk, consider disabling topic embedding if it is currently enabled.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share