CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2023/03/21 6:30 a.m.•13 views

GHSA-H2WG-83FC-XVM9 Answer vulnerable to Business Logic Errors

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...

3.8CVSS4.2AI score0.00644EPSS

NVD•added 2023/03/21 5:15 a.m.•16 views

CVE-2023-1541

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...

6CVSS4.4AI score0.00644EPSS

NVD•added 2023/03/21 5:15 a.m.•13 views

CVE-2023-1542

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...

8.1CVSS5.9AI score0.0075EPSS

Prion•added 2023/03/21 5:15 a.m.•12 views

Code injection

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...

5.8CVSS4.2AI score0.00644EPSS

Prion•added 2023/03/21 5:15 a.m.•24 views

Code injection

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...

5.5CVSS5.5AI score0.0075EPSS

Vulnrichment•added 2023/03/21 12:0 a.m.•7 views

CVE-2023-1542 Business Logic Errors in answerdev/answer

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...

8.1CVSS5.4AI score0.0075EPSS

Vulnrichment•added 2023/03/21 12:0 a.m.•5 views

CVE-2023-1541 Business Logic Errors in answerdev/answer

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...

6CVSS4.1AI score0.00644EPSS

Positive Technologies•added 2023/03/21 12:0 a.m.•2 views

PT-2023-17062 · Answerdev · Answer

Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.6 Description: The issue concerns Business Logic Errors in the GitHub repository answerdev/answer. Recommendations: For versions prior to 1.0.6, update to version 1.0.6 or later to resolve the issue...

6CVSS6.3AI score0.00644EPSS

Exploits1References8

CVE•added 2023/03/21 12:0 a.m.•55 views

CVE-2023-1542

CVE-2023-1542 concerns business logic errors in the open-source project answerdev/answer prior to version 1.0.6 . Connected sources confirm the affected component and version range and provide a remediation: upgrade to 1.0.6 or later . The issue is described consistently across Red Hat/OSV and ot...

8.1CVSS5.8AI score0.0075EPSS

Cvelist•added 2023/03/21 12:0 a.m.•28 views

CVE-2023-1541 Business Logic Errors in answerdev/answer

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...

6CVSS4.5AI score0.00644EPSS

Cvelist•added 2023/03/21 12:0 a.m.•17 views

CVE-2023-1542 Business Logic Errors in answerdev/answer

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...

8.1CVSS5.7AI score0.0075EPSS

OSV•added 2023/03/21 12:0 a.m.•29 views

CVE-2023-1542 Business Logic Errors in answerdev/answer

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...

8.1CVSS6.8AI score0.0075EPSS

CVE•added 2023/03/21 12:0 a.m.•53 views

CVE-2023-1541

CVE-2023-1541 affects the open-source project answerdev/answer prior to version 1.0.6. The issue is a Business Logic Error arising from improper permission handling in the password-reset workflow (the /answer/admin/api/user/password path). An attacker with low privileges can modify the user_id pa...

6CVSS4.3AI score0.00644EPSS

OSV•added 2023/03/21 12:0 a.m.•26 views

CVE-2023-1541 Business Logic Errors in answerdev/answer

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...

6CVSS5.4AI score0.00644EPSS