CVE-2023-32301
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Published Jun 13, 2023
Updated: Jun 23, 2023
CWE ID 116
Summary
CVE-2023-32301 affects Discourse, an open-source discussion platform. Before version 3.0.4 of the stable branch and version 3.1.0.beta5 of the beta and tests-passed branches, this vulnerability allowed an attacker to create multiple duplicate topics if topic embedding was enabled. Version 3.0.4 and 3.1.0.beta5 have since been released as patches to address this issue. To mitigate the risk, consider disabling topic embedding if it is currently enabled.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Discourse