PT-2024-13768 · Apache · Apache Answer

Ek1Ng · Published 2024-01-10 · Updated 2025-06-11 · CVE-2023-49619

CVSS v3.1: 3.1 (Low)

Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Apache Answer versions through 1.2.0

Description

The issue is a race condition caused by improper synchronization when using shared resources. Normally, a user can bookmark a question only once, which increases its bookmark count by one. However, by submitting the request repeatedly with a script, the bookmark (collection) count of a question can be increased multiple times.

Recommendations

For versions through 1.2.0, upgrade to version 1.2.1, which fixes the issue. As a temporary workaround, consider restricting the ability to submit bookmarks repeatedly to minimize the risk of exploitation.
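The check-then-act pattern behind this class of bug, next to an atomic check-and-insert, as an added example that is not Apache Answer's code. The `Store` type, its two methods, `Run` and the barrier hook `gate` are hypothetical names; the barrier only makes the overlap reproducible in a test.

```go
package main

import (
	"fmt"
	"sync"
	"sync/atomic"
)

// Store is a hypothetical bookmark table for one question (not Apache Answer's code).
type Store struct {
	marked sync.Map     // user -> true once bookmarked
	count  atomic.Int64 // bookmark counter shown on the question
}

// BookmarkRacy checks first and updates later: check-then-act, the flawed pattern.
func (s *Store) BookmarkRacy(user string, gate func()) {
	_, seen := s.marked.Load(user)
	gate() // window between check and update
	if !seen { // stale: every concurrent request saw "not bookmarked"
		s.marked.Store(user, true)
		s.count.Add(1)
	}
}

// BookmarkSafe makes check and insert one atomic step; only the winner counts.
func (s *Store) BookmarkSafe(user string, gate func()) {
	gate()
	if _, seen := s.marked.LoadOrStore(user, true); !seen {
		s.count.Add(1)
	}
}

// Run fires n identical concurrent requests from one user and returns the counter.
func Run(n int, op func(*Store, string, func())) int64 {
	var s Store
	var barrier, done sync.WaitGroup
	barrier.Add(n)
	done.Add(n)
	gate := func() { barrier.Done(); barrier.Wait() } // hold all requests in the window
	for i := 0; i < n; i++ {
		go func() { defer done.Done(); op(&s, "u1", gate) }()
	}
	done.Wait()
	return s.count.Load()
}

func main() {
	fmt.Println("racy:", Run(8, (*Store).BookmarkRacy), "safe:", Run(8, (*Store).BookmarkSafe))
}
```

In a database-backed service the equivalent of `LoadOrStore` is a unique constraint on the (user, question) pair with the counter updated in the same transaction, so the check cannot be separated from the write.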

Fix

Race Condition

Weakness Enumeration

Related Identifiers

CVE-2023-49619
GHSA-F899-4MR4-FQPV
GO-2024-2457

Affected Products

Apache Answer