Exposure of Sensitive Information Through Metadata in GitHub repository answerdev/answer prior to 1.0.8.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NAnswer
APPAnswer< 1.0.8
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Powiązane podatności
CVE-2023-1537CRITICAL9.8ten sam produkt
Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6.
CVE-2023-0741CRITICAL9.0ten sam produkt
Cross-site Scripting (XSS) - DOM in GitHub repository answerdev/answer prior to 1.0.4.
CVE-2023-0742CRITICAL9.0ten sam produkt
Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4.
CVE-2023-0743CRITICAL9.0ten sam produkt
Cross-site Scripting (XSS) - Generic in GitHub repository answerdev/answer prior to 1.0.4.
CVE-2023-0740CRITICAL9.0ten sam produkt
Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4.