Skip to main content

Answer

45 CVEs product

Monthly

CVE-2026-24735 Go HIGH PATCH This Week

Answer contains a vulnerability that allows attackers to retrieve restricted or sensitive information (CVSS 7.5).

Apache Answer Suse
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-29868 Go MEDIUM PATCH This Month

Private Data Structure Returned From A Public Method vulnerability in Apache Answer.4.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apache Answer Suse
NVD
CVSS 3.1
6.5
EPSS
2.2%
CVE-2024-45719 Go LOW PATCH Monitor

Inadequate Encryption Strength vulnerability in Apache Answer.4.0. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

Apache Information Disclosure Answer
NVD
CVSS 3.1
2.6
EPSS
0.2%
CVE-2024-40761 Go MEDIUM PATCH This Month

Inadequate Encryption Strength vulnerability in Apache Answer.3.5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Answer
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2024-41890 Go MEDIUM PATCH This Month

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer.3.5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Answer
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2024-41888 Go MEDIUM PATCH This Month

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer.3.5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Answer
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2024-29217 Go MEDIUM PATCH This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Answer.3.0. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache XSS Answer
NVD
CVSS 3.1
4.6
EPSS
1.0%
CVE-2024-26578 Go MEDIUM PATCH This Month

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer.2.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Apache Answer
NVD
CVSS 3.1
5.9
EPSS
0.9%
CVE-2024-23349 Go MEDIUM PATCH This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Answer.2.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache XSS Answer
NVD
CVSS 3.1
5.4
EPSS
1.1%
CVE-2024-22393 Go CRITICAL PATCH Act Now

Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.2.1. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache File Upload Answer
NVD
CVSS 3.1
9.1
EPSS
2.5%
CVE-2023-49619 Go LOW PATCH Monitor

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer.2.0. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

Apache Race Condition Information Disclosure Answer
NVD
CVSS 3.1
3.1
EPSS
1.3%
CVE-2023-4815 Go HIGH POC PATCH This Week

Missing Authentication for Critical Function in GitHub repository answerdev/answer prior to v1.1.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Answer
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-4127 Go MEDIUM POC PATCH This Month

Race Condition within a Thread in GitHub repository answerdev/answer prior to v1.1.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Answer
NVD GitHub
CVSS 3.1
5.9
EPSS
0.4%
CVE-2023-4126 Go HIGH POC PATCH This Week

Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-4125 Go HIGH POC PATCH This Week

Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Brute Force Answer
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-4124 Go MEDIUM POC PATCH This Month

Missing Authorization in GitHub repository answerdev/answer prior to v1.1.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Answer
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-2590 Go LOW POC PATCH Monitor

Missing Authorization in GitHub repository answerdev/answer prior to 1.0.9. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Answer
NVD GitHub
CVSS 3.1
3.5
EPSS
0.5%
CVE-2023-1976 Go HIGH POC PATCH This Week

Password Aging with Long Expiration in GitHub repository answerdev/answer prior to 1.0.6. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-1975 Go MEDIUM POC PATCH This Month

Insertion of Sensitive Information Into Sent Data in GitHub repository answerdev/answer prior to 1.0.8. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-1974 Go MEDIUM POC PATCH This Month

Exposure of Sensitive Information Through Metadata in GitHub repository answerdev/answer prior to 1.0.8. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-1543 Go HIGH POC PATCH This Week

Insufficient Session Expiration in GitHub repository answerdev/answer prior to 1.0.6. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-1542 Go MEDIUM POC PATCH This Month

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
CVSS 3.1
5.4
EPSS
0.8%
CVE-2023-1541 Go LOW POC PATCH Monitor

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
CVSS 3.1
3.8
EPSS
0.6%
CVE-2023-1540 Go MEDIUM POC PATCH This Month

Observable Response Discrepancy in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-1539 Go MEDIUM POC PATCH This Month

Improper Restriction of Excessive Authentication Attempts in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-1538 Go MEDIUM POC PATCH This Month

Observable Timing Discrepancy in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-1537 Go CRITICAL POC PATCH Act Now

Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Answer
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-1536 Go MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-1535 Go MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-1245 Go MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-1244 Go MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-1243 Go MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2023-1242 Go MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-1241 Go MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-1240 Go MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-1239 Go MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Reflected in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2023-1238 Go MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-1237 Go MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-0934 Go MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.5. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-0744 Go CRITICAL POC PATCH Act Now

Improper Access Control in GitHub repository answerdev/answer prior to 1.0.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Answer
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
6.4%
CVE-2023-0743 Go CRITICAL POC PATCH Act Now

Cross-site Scripting (XSS) - Generic in GitHub repository answerdev/answer prior to 1.0.4. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
CVSS 3.1
9.0
EPSS
0.7%
CVE-2023-0742 Go CRITICAL POC PATCH Act Now

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
CVSS 3.1
9.0
EPSS
0.9%
CVE-2023-0741 Go CRITICAL POC PATCH Act Now

Cross-site Scripting (XSS) - DOM in GitHub repository answerdev/answer prior to 1.0.4. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
CVSS 3.1
9.0
EPSS
0.9%
CVE-2023-0740 Go CRITICAL POC PATCH Act Now

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
CVSS 3.1
9.0
EPSS
0.7%
CVE-2023-0739 Go MEDIUM POC PATCH This Month

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in GitHub repository answerdev/answer prior to 1.0.4. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Race Condition Information Disclosure Answer
NVD GitHub
CVSS 3.1
6.8
EPSS
0.7%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Answer contains a vulnerability that allows attackers to retrieve restricted or sensitive information (CVSS 7.5).

Apache Answer Suse
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Private Data Structure Returned From A Public Method vulnerability in Apache Answer.4.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apache Answer +1
NVD
EPSS 0% CVSS 2.6
LOW PATCH Monitor

Inadequate Encryption Strength vulnerability in Apache Answer.4.0. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

Apache Information Disclosure Answer
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Inadequate Encryption Strength vulnerability in Apache Answer.3.5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Answer
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer.3.5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Answer
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer.3.5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Answer
NVD
EPSS 1% CVSS 4.6
MEDIUM PATCH This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Answer.3.0. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache XSS Answer
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer.2.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Apache +1
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Answer.2.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache XSS Answer
NVD
EPSS 2% CVSS 9.1
CRITICAL PATCH Act Now

Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.2.1. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache File Upload Answer
NVD
EPSS 1% CVSS 3.1
LOW PATCH Monitor

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer.2.0. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

Apache Race Condition Information Disclosure +1
NVD
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

Missing Authentication for Critical Function in GitHub repository answerdev/answer prior to v1.1.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Answer
NVD GitHub
EPSS 0% CVSS 5.9
MEDIUM POC PATCH This Month

Race Condition within a Thread in GitHub repository answerdev/answer prior to v1.1.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Answer
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Brute Force Answer
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

Missing Authorization in GitHub repository answerdev/answer prior to v1.1.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Answer
NVD GitHub
EPSS 0% CVSS 3.5
LOW POC PATCH Monitor

Missing Authorization in GitHub repository answerdev/answer prior to 1.0.9. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Answer
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

Password Aging with Long Expiration in GitHub repository answerdev/answer prior to 1.0.6. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

Insertion of Sensitive Information Into Sent Data in GitHub repository answerdev/answer prior to 1.0.8. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

Exposure of Sensitive Information Through Metadata in GitHub repository answerdev/answer prior to 1.0.8. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

Insufficient Session Expiration in GitHub repository answerdev/answer prior to 1.0.6. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
EPSS 1% CVSS 3.8
LOW POC PATCH Monitor

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

Observable Response Discrepancy in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

Improper Restriction of Excessive Authentication Attempts in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

Observable Timing Discrepancy in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Answer
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Reflected in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.5. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
EPSS 6% CVSS 9.8
CRITICAL POC PATCH Act Now

Improper Access Control in GitHub repository answerdev/answer prior to 1.0.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Answer
NVD GitHub Exploit-DB
EPSS 1% CVSS 9.0
CRITICAL POC PATCH Act Now

Cross-site Scripting (XSS) - Generic in GitHub repository answerdev/answer prior to 1.0.4. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
EPSS 1% CVSS 9.0
CRITICAL POC PATCH Act Now

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
EPSS 1% CVSS 9.0
CRITICAL POC PATCH Act Now

Cross-site Scripting (XSS) - DOM in GitHub repository answerdev/answer prior to 1.0.4. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
EPSS 1% CVSS 9.0
CRITICAL POC PATCH Act Now

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Answer
NVD GitHub
EPSS 1% CVSS 6.8
MEDIUM POC PATCH This Month

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in GitHub repository answerdev/answer prior to 1.0.4. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Race Condition Information Disclosure Answer
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy