Apache

Answer

18 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.45%
  • Veröffentlicht 10.06.2026 14:57:00
  • Zuletzt bearbeitet 12.06.2026 00:50:20

Improper Restriction of Security Token Assignment vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. Previously issued administrative tokens were not invalidated after an administrator account was suspended, deleted, o...

  • EPSS 0.33%
  • Veröffentlicht 09.06.2026 07:35:56
  • Zuletzt bearbeitet 10.06.2026 13:28:00

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The unlisted question feature did not enforce access restrictions on direct API endpoints, allowing authenti...

  • EPSS 0.37%
  • Veröffentlicht 09.06.2026 07:35:16
  • Zuletzt bearbeitet 11.06.2026 15:35:48

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. User-supplied content was included in notification emails without proper escaping, allowi...

  • EPSS 0.4%
  • Veröffentlicht 09.06.2026 07:34:38
  • Zuletzt bearbeitet 10.06.2026 13:28:10

Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The server did not sufficiently validate user-supplied image URLs, allowing arbitrary external content to be embedded a...

  • EPSS 0.48%
  • Veröffentlicht 09.06.2026 07:34:02
  • Zuletzt bearbeitet 10.06.2026 13:37:57

Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. A crafted TIFF image could trigger excessive memory allocation during image decoding, allowing an authenticated user to...

  • EPSS 0.41%
  • Veröffentlicht 09.06.2026 07:33:18
  • Zuletzt bearbeitet 10.06.2026 13:38:12

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. Timeline-related APIs lacked proper authorization checks, allowing regular authenticated users to acc...

  • EPSS 0.41%
  • Veröffentlicht 09.06.2026 07:32:23
  • Zuletzt bearbeitet 10.06.2026 13:12:50

Improper Neutralization of Alternate XSS Syntax vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. AI-generated response content was rendered in the browser without proper sanitization, allowing malicious scripts to be...

  • EPSS 0.62%
  • Veröffentlicht 04.02.2026 10:41:58
  • Zuletzt bearbeitet 06.02.2026 14:40:37

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 1.7.1. An unauthenticated API endpoint incorrectly exposes full revision history for deleted content. This a...

  • EPSS 0.87%
  • Veröffentlicht 01.04.2025 08:15:14
  • Zuletzt bearbeitet 15.04.2025 13:07:54

Private Data Structure Returned From A Public Method vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.2. If a user uses an externally referenced image, when a user accesses this image, the provider of the image may obta...

  • EPSS 0.23%
  • Veröffentlicht 22.11.2024 15:15:10
  • Zuletzt bearbeitet 01.07.2025 20:29:14

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Us...