Unrated severityNVD Advisory· Published Jun 13, 2023· Updated Jan 2, 2025
Discourse's canonical url not being used for topic embeddings
CVE-2023-32301
Description
Discourse is an open source discussion platform. Prior to version 3.0.4 of the stable branch and version 3.1.0.beta5 of the beta and tests-passed branches, multiple duplicate topics could be created if topic embedding is enabled. This issue is patched in version 3.0.4 of the stable branch and version 3.1.0.beta5 of the beta and tests-passed branches. As a workaround, disable topic embedding if it has been enabled.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<3.0.4 (stable) / <3.1.0.beta5 (beta)+ 1 more
- (no CPE)range: <3.0.4 (stable) / <3.1.0.beta5 (beta)
- (no CPE)range: < 3.0.4
Patches
Vulnerability mechanics
References
1- github.com/discourse/discourse/security/advisories/GHSA-p2jx-m2j5-hqh4mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.