CVE-2023-1535 — Cross-site Scripting in Answer

Severity

5.4MEDIUMNVD

EPSS

0.3%

top 50.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMar 21

Latest updateAug 20

Description

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7.

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

▶CVEListV5answerdev/answerdev_answerunspecified — 1.0.7

OSV

Answer vulnerable to Stored Cross-site Scripting in github.com/answerdev/answer↗2024-08-20

▶

OSV

Answer vulnerable to Stored Cross-site Scripting↗2023-03-21

▶

GHSA

Answer vulnerable to Stored Cross-site Scripting↗2023-03-21

▶