CVE-2023-1536 — Cross-site Scripting in Answer

Severity

5.4MEDIUMNVD

EPSS

0.3%

top 50.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMar 21

Latest updateDec 30

Description

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7.

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

▶CVEListV5answerdev/answerdev_answerunspecified — 1.0.7

▶Linuxlinux/linux_kernel4.13.0 — 4.14.313+6

OSV

net: macb: fix a memory corruption in extended buffer descriptor mode↗2025-12-30

▶

OSV

Answer vulnerable to Stored Cross-site Scripting in github.com/answerdev/answer↗2024-08-20

▶

GHSA

Answer vulnerable to Stored Cross-site Scripting↗2023-03-21

▶

OSV

Answer vulnerable to Stored Cross-site Scripting↗2023-03-21

▶

Red Hat

kernel: drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node↗2024-05-17

▶

Bugzilla

CVE-2023-52662 kernel: drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node↗2024-05-18

▶