Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.10 and earlier

Summary This fix upgrades to nodejs 14.21.3. Vulnerability Details CVEID:CVE-2023-23918 DESCRIPTION: Node.js could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw when enable the experimental permissions option with --experimental-policy. By sending a...

Answer Cross-Site Scripting Vulnerability (CNVD-2023-31162)

Answer is an open source knowledge-based community software. You can quickly use it to build Q&A communities for your products, customers, teams and more. Answer has a cross-site scripting vulnerability in versions prior to 1.0.6. The vulnerability stems from the fact that when answering added ne...

answer cross-site scripting vulnerability (CNVD-2023-31163)

answer is knowledge-based open source community software. You can use it to quickly build product technical support, customer support, user communication and other Q&A community. Answer versions prior to 1.0.6 have a cross-site scripting vulnerability that can be exploited by attackers to inject...

GHSA-55VM-3VQ3-4JPC Answer vulnerable to Cross-site Scripting

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.6...

GHSA-VXHR-P2VP-7GF8 Answer vulnerable to Cross-site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository answerdev/answer prior to 1.0.6...

GHSA-9V4V-9FJ5-P982 Answer vulnerable to Cross-site Scripting

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.6...

GHSA-5W78-V688-CX9Q Answer vulnerable to Cross-site Scripting

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.6...

Answer vulnerable to Cross-site Scripting

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2023-1238

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2023-1241

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2023-1239

Cross-site Scripting XSS - Reflected in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2023-1240

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2023-1243

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2023-1242

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2023-1237

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.6...

PT-2023-16831 · Unknown · Answerdev/Answer

Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.6 Description: The issue is related to Cross-site Scripting XSS - Stored, which occurs when an application stores user input without proper validation, allowing attackers to inject malicious scripts. Thi...

answer 跨站脚本漏洞

answer is an open source knowledge-based community software. A cross-site scripting vulnerability exists in versions of answer prior to 1.0.6. An attacker could exploit this vulnerability to perform a cross-site scripting attack...

CVE-2023-1241 Cross-site Scripting (XSS) - Stored in answerdev/answer

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2023-1239 Cross-site Scripting (XSS) - Reflected in answerdev/answer

Cross-site Scripting XSS - Reflected in GitHub repository answerdev/answer prior to 1.0.6...

answer 跨站脚本漏洞

answer is an open source knowledge-based community software. A cross-site scripting vulnerability exists in versions of answer prior to 1.0.6. An attacker could exploit this vulnerability to perform a cross-site scripting attack...