CVE-2023-1541

🗓️ 21 Mar 2023 05:10:15Reported by @huntrdevType

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6. NV

Reporter	Title	Published	Views	Family All 11
Huntr	Admin Able To Perform Operations On Themselves By Interacting With API	21 Feb 202321:12	–	huntr
CNVD	answer authorization issue vulnerability	23 Mar 202300:00	–	cnvd
OSV	Answer vulnerable to Business Logic Errors	21 Mar 202306:30	–	osv
OSV	GO-2023-1658 Answer vulnerable to Business Logic Errors in github.com/answerdev/answer	20 Aug 202420:29	–	osv
OSV	CVE-2023-1541	21 Mar 202305:15	–	osv
Github Security Blog	Answer vulnerable to Business Logic Errors	21 Mar 202306:30	–	github
NVD	CVE-2023-1541	21 Mar 202305:15	–	nvd
Cvelist	CVE-2023-1541 Business Logic Errors in answerdev/answer	21 Mar 202300:00	–	cvelist
Vulnrichment	CVE-2023-1541 Business Logic Errors in answerdev/answer	21 Mar 202300:00	–	vulnrichment
Veracode	Business Logic Errors	4 Aug 202305:51	–	veracode

Nvd

Node

answer answerRange<1.0.6

[
  {
    "vendor": "answerdev",
    "product": "answerdev/answer",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "1.0.6",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
github	www.github.com/answerdev/answer/commit/15390adbfcd5fd37af4661f992f8873ae5a6b840
huntr	www.huntr.dev/bounties/8fd891c6-b04e-4dac-818f-9ea30861cd92

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

21 Mar 2023 05:15Current

4.3Medium risk

Vulners AI Score4.3

CVSS33.8 - 6

EPSS0.0003

SSVC

CWE-840