GO-2023-1996 Answer Insufficient Session Expiration vulnerability in github.com/answerdev/answer

Answer Insufficient Session Expiration vulnerability in github.com/answerdev/answer...

GO-2023-1660 Answer vulnerable to Business Logic Errors in github.com/answerdev/answer

Answer vulnerable to Business Logic Errors in github.com/answerdev/answer...

GO-2023-1550 Answer contains Improper Access Control vulnerability in github.com/answerdev/answer

Answer contains Improper Access Control vulnerability in github.com/answerdev/answer...

GHSA-V9VC-7X69-C2X8 Answer Missing Authorization vulnerability

Missing Authorization in GitHub repository answerdev/answer prior to v1.1.1...

answer Security breach

answer is an open source knowledge-based community software. A security vulnerability exists in answerdev/answer versions prior to 1.1.1, which stems from a conditional contention issue in threads...

PT-2023-27880 · Answer · Answer

Name of the Vulnerable Software and Affected Versions: answer versions prior to 1.1.1 Description: The issue is related to a race condition within a thread. This condition can occur in the GitHub repository answerdev/answer. Recommendations: For versions prior to 1.1.1, update to version 1.1.1 or...

PT-2023-27863 · Answer +3 · Answer +2

Name of the Vulnerable Software and Affected Versions: answer versions prior to 1.1.1 Description: The issue concerns a Missing Authorization vulnerability. Recommendations: For versions prior to 1.1.1, update to version 1.1.1 or later to resolve the issue...

answer Security breach

answer is an open source knowledge-based community software. A security vulnerability exists in versions of answer prior to 1.1.0 that stems from a weak password policy when creating an account...

PT-2023-27873 · Answer +3 · Answer +2

Name of the Vulnerable Software and Affected Versions: answer versions prior to 1.1.0 Description: The issue concerns insufficient session expiration. Recommendations: For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue...

answer 安全漏洞

answer is an open source knowledge-based community software. An access control error vulnerability exists in versions of answer prior to 1.1.6, which stems from prolonged password expiration. An attacker could exploit the vulnerability to account account takeover...

answer 安全漏洞

answer is an open source knowledge-based community software. An information disclosure vulnerability exists in versions of answer prior to 1.0.8. The vulnerability stems from the fact that when a user uploads his logo, the EXIF geolocation data of the uploaded image is not stripped. An attacker...

PT-2023-17383 · Unknown · Answerdev/Answer

Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.8 Description: The issue concerns the insertion of sensitive information into sent data. Specifically, answerdev/answer, an open-source knowledge-based community software, does not strip EXIF geolocation...

CVE-2023-1538 Observable Timing Discrepancy in answerdev/answer

Observable Timing Discrepancy in GitHub repository answerdev/answer prior to 1.0.6...

Answer Cross-Site Scripting Vulnerability (CNVD-2023-31162)

Answer is an open source knowledge-based community software. You can quickly use it to build Q&A communities for your products, customers, teams and more. Answer has a cross-site scripting vulnerability in versions prior to 1.0.6. The vulnerability stems from the fact that when answering added ne...

answer cross-site scripting vulnerability (CNVD-2023-31163)

answer is knowledge-based open source community software. You can use it to quickly build product technical support, customer support, user communication and other Q&A community. Answer versions prior to 1.0.6 have a cross-site scripting vulnerability that can be exploited by attackers to inject...

GHSA-9V4V-9FJ5-P982 Answer vulnerable to Cross-site Scripting

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.6...

answer 跨站脚本漏洞

answer is an open source knowledge-based community software. A cross-site scripting vulnerability exists in versions of answer prior to 1.0.6. An attacker could exploit this vulnerability to perform a cross-site scripting attack...

answer 跨站脚本漏洞

Answer is an open source knowledge-based community software. You can quickly use it to build Q&A communities for your products, customers, teams and more. Answer has a cross-site scripting vulnerability in versions prior to 1.0.6. The vulnerability stems from the fact that when answering added ne...

answer 跨站脚本漏洞

answer is an open source knowledge-based community software. A cross-site scripting vulnerability exists in versions of answer prior to 1.0.6. An attacker could exploit this vulnerability to perform a cross-site scripting attack...

answer 跨站脚本漏洞

answer is an open source knowledge-based community software. A cross-site scripting vulnerability exists in versions of answer prior to 1.0.6. An attacker could exploit this vulnerability to perform a cross-site scripting attack...