CVE-2023-0934

Name of the Vulnerable Software and Affected Versions answerdev/answer versions prior to 1.0.5

Description The issue is related to Cross-site Scripting (XSS) - Stored, which affects the GitHub repository answerdev/answer. Cross-site Scripting (XSS) is a type of security vulnerability that occurs when an attacker is able to inject malicious scripts into a website, allowing them to steal user data or take control of the user's session. Stored XSS is a type of XSS where the malicious script is stored on the server and executed when a user accesses the affected page.

Recommendations For versions prior to 1.0.5, update to version 1.0.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the repository to minimize the risk of exploitation.