CVE-2023-32301

MEDIUM Year: 2023
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-116
View all →

Vulnerability Description

Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches, multiple duplicate topics could be created if topic embedding is enabled. This issue is patched in version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches. As a workaround, disable topic embedding if it has been enabled.

Related Vulnerabilities

CVE-2018-20586

MEDIUM
CVSS:5.3(Medium)

bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of arbitrary data into the debug log via an RPC call.

CWE-1162018

CVE-2019-11717

MEDIUM
CVSS:5.3(Medium)

A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulne...

CWE-1162019

CVE-2019-15944

MEDIUM
CVSS:5.3(Medium)

In Counter-Strike: Global Offensive before 8/29/2019, community game servers can display unsafe HTML in a disconnection message.

CWE-1162019

CVE-2019-19714

MEDIUM
CVSS:5.3(Medium)

Contao 4.8.4 and 4.8.5 has Improper Encoding or Escaping of Output. It is possible to inject insert tags into the login module which will be replaced when the page is rendered.

CWE-1162019

CVE-2019-3571

MEDIUM
CVSS:5.3(Medium)

An input validation issue affected WhatsApp Desktop versions prior to 0.3.3793 which allows malicious clients to send files to users that would be displayed with a wrong extension.

CWE-1162019

CVE-2020-24592

MEDIUM
CVSS:5.3(Medium)

Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization.

CWE-1162020