Severity: moderate
Affected versions:
- Apache Answer through 1.2.0
Description:
Concurrent Execution using Shared Resource with Improper Synchronization ('Race
Condition') vulnerability in Apache Answer.
This issue affects Apache Answer: through 1.2.0.
Under normal circumstances, a user can only bookmark a question once, and will
only increase the number of questions bookmarked once. However, repeat
submissions through the script can increase the number of collection of the
question many times.
Users are recommended to upgrade to version [1.2.1], which fixes the issue.
Credit:
ek1ng (reporter)
References:
https://answer.incubator.apache.org
https://www.cve.org/CVERecord?id=CVE-2023-49619
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
