Aggregates CVE and security vulnerability intelligence across all answer-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk cross-site scripting and related problems; some flaws may lead to vendor impact session compromise, affecting vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-4815 | Missing Authentication for Critical Function in GitHub repository answerdev/answer prior to v1.1.3. | [email protected] | 8.8 | 0.06% | 2023-09-07 | 2024-11-21 |
| CVE-2023-4127 | Race Condition within a Thread in GitHub repository answerdev/answer prior to v1.1.1. | [email protected] | 5.9 | 0.15% | 2023-08-03 | 2024-11-21 |
| CVE-2023-4126 | Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0. | [email protected] | 8.8 | 0.08% | 2023-08-03 | 2024-11-21 |
| CVE-2023-4125 | Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0. | [email protected] | 8.8 | 0.25% | 2023-08-03 | 2024-11-21 |
| CVE-2023-4124 | Missing Authorization in GitHub repository answerdev/answer prior to v1.1.1. | [email protected] | 6.5 | 0.17% | 2023-08-03 | 2024-11-21 |
| CVE-2023-2590 | Missing Authorization in GitHub repository answerdev/answer prior to 1.0.9. | [email protected] | 3.5 | 0.17% | 2023-05-09 | 2024-11-21 |
| CVE-2023-1976 | Password Aging with Long Expiration in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 8.8 | 0.34% | 2023-04-11 | 2024-11-21 |
| CVE-2023-1975 | Insertion of Sensitive Information Into Sent Data in GitHub repository answerdev/answer prior to 1.0.8. | [email protected] | 6.5 | 0.35% | 2023-04-11 | 2024-11-21 |
| CVE-2023-1974 | Exposure of Sensitive Information Through Metadata in GitHub repository answerdev/answer prior to 1.0.8. | [email protected] | 6.5 | 0.19% | 2023-04-11 | 2024-11-21 |
| CVE-2023-1543 | Insufficient Session Expiration in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 8.8 | 0.34% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1542 | Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.4 | 0.31% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1541 | Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 3.8 | 0.31% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1540 | Observable Response Discrepancy in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.3 | 0.22% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1539 | Improper Restriction of Excessive Authentication Attempts in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.3 | 0.27% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1538 | Observable Timing Discrepancy in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.3 | 0.22% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1537 | Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 9.8 | 0.26% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1536 | Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7. | [email protected] | 5.4 | 0.26% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1535 | Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7. | [email protected] | 5.4 | 0.32% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1245 | Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.4 | 0.23% | 2023-03-07 | 2024-11-21 |
| CVE-2023-1244 | Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.4 | 0.33% | 2023-03-07 | 2024-11-21 |