CVE-2023-4126 Insufficient Session Expiration in answerdev/answer

Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0...

CVE-2023-4126 Insufficient Session Expiration in answerdev/answer

Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0...

CVE-2023-4126 Insufficient Session Expiration in answerdev/answer

Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0...

CVE-2023-4125 Weak Password Requirements in answerdev/answer

Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0...

CVE-2023-4124 Missing Authorization in answerdev/answer

Missing Authorization in GitHub repository answerdev/answer prior to v1.1.1...

answer Code Issue Vulnerability

answer is an open source knowledge-based community software. A code issue vulnerability exists in answerdev/answer versions prior to 1.1.0 that stems from a session expiration insufficiency issue that allows an attacker to reuse old session credentials or IDs for authorization...

PT-2023-20354 · Answerdev · Answer

Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.9 Description: The issue is related to missing authorization in the GitHub repository answerdev/answer. This can lead to a user rating their own answer as the best answer. Recommendations: For versions...

Information disclosure

Insertion of Sensitive Information Into Sent Data in GitHub repository answerdev/answer prior to 1.0.8...

PT-2023-17382 · Unknown · Answerdev/Answer

Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.8 Description: The issue concerns the exposure of sensitive information through metadata in the answerdev/answer GitHub repository. This exposure can include sensitive data such as EXIF data and GPS...

CVE-2023-1975 Insertion of Sensitive Information Into Sent Data in answerdev/answer

Insertion of Sensitive Information Into Sent Data in GitHub repository answerdev/answer prior to 1.0.8...

CVE-2023-1974 Exposure of Sensitive Information Through Metadata in answerdev/answer

Exposure of Sensitive Information Through Metadata in GitHub repository answerdev/answer prior to 1.0.8...

CVE-2023-1976 Password Aging with Long Expiration in answerdev/answer

Password Aging with Long Expiration in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2023-1974 Exposure of Sensitive Information Through Metadata in answerdev/answer

Exposure of Sensitive Information Through Metadata in GitHub repository answerdev/answer prior to 1.0.8...

Answer vulnerable to Stored Cross-site Scripting

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.7...

CVE-2023-1542

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2023-1543

Insufficient Session Expiration in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2023-1540

Observable Response Discrepancy in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2023-1535

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.7...

Session fixation

Insufficient Session Expiration in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2023-1543

CVE-2023-1543 describes an Insufficient Session Expiration vulnerability in the open‑source knowledge base software github.com/answerdev/answer prior to version 1.0.6. The root cause is an access control weakness where a token could be reused or not invalidated after logout, enabling unauthorized...