231 matches found
CVE-2023-1541 Business Logic Errors in answerdev/answer
Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...
PT-2023-17062 · Answerdev · Answer
Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.6 Description: The issue concerns Business Logic Errors in the GitHub repository answerdev/answer. Recommendations: For versions prior to 1.0.6, update to version 1.0.6 or later to resolve the issue...
PT-2023-17063 · Answerdev · Answer
Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.6 Description: The issue concerns Business Logic Errors in the GitHub repository answerdev/answer. There is no information provided about the estimated number of potentially affected devices worldwide or...
CVE-2023-1542 Business Logic Errors in answerdev/answer
Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...
CVE-2023-1535 Cross-site Scripting (XSS) - Stored in answerdev/answer
Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.7...
PT-2023-17056 · Answerdev · Answer
Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.7 Description: The issue is related to Stored Cross-site Scripting XSS in the GitHub repository answerdev/answer. This type of attack allows an attacker to inject malicious scripts into a website, which...
CVE-2023-1538 Observable Timing Discrepancy in answerdev/answer
Observable Timing Discrepancy in GitHub repository answerdev/answer prior to 1.0.6...
CVE-2023-1535
CVE-2023-1535 affects the GitHub project answerdev/answer with a Stored XSS vulnerability in versions prior to 1.0.7. The issue is caused by XSS in the application’s code path handling user input. Impact details across sources indicate cross-site execution risks for affected users. Remediation ad...
CVE-2023-1542 Business Logic Errors in answerdev/answer
Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...
CVE-2023-1543 Insufficient Session Expiration in answerdev/answer
Insufficient Session Expiration in GitHub repository answerdev/answer prior to 1.0.6...
PT-2023-17058 · Unknown · Answerdev/Answer
Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.6 Description: The issue is related to Authentication Bypass by Capture-replay. This allows unauthorized access by reusing captured authentication data. There is no information provided about the estimat...
PT-2023-17060 · Answerdev · Answer
Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.6 Description: The issue is related to improper restriction of excessive authentication attempts and a guessable CAPTCHA in the GitHub repository answerdev/answer. Recommendations: For versions prior to...
CVE-2023-1540 Observable Response Discrepancy in answerdev/answer
Observable Response Discrepancy in GitHub repository answerdev/answer prior to 1.0.6...
CVE-2023-1542
CVE-2023-1542 concerns business logic errors in the open-source project answerdev/answer prior to version 1.0.6 . Connected sources confirm the affected component and version range and provide a remediation: upgrade to 1.0.6 or later . The issue is described consistently across Red Hat/OSV and ot...
PT-2023-17057 · Answerdev · Answer
Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.7 Description: The issue is related to Stored Cross-site Scripting XSS in the GitHub repository answerdev/answer. This type of attack allows an attacker to inject malicious scripts into a website, which...
CVE-2023-1537 Authentication Bypass by Capture-replay in answerdev/answer
Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6...
CVE-2023-1538 Observable Timing Discrepancy in answerdev/answer
Observable Timing Discrepancy in GitHub repository answerdev/answer prior to 1.0.6...
CVE-2023-1536 Cross-site Scripting (XSS) - Stored in answerdev/answer
Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.7...
CVE-2023-1537 Authentication Bypass by Capture-replay in answerdev/answer
Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6...
CVE-2023-1536
CVE-2023-1536 describes a stored Cross-site Scripting (XSS) vulnerability in the GitHub repository answerdev/answer for versions prior to 1.0.7 . The issue arises from user-supplied input being stored and subsequently reflected, enabling an attacker to execute script in an authenticated user’s co...