Описание
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer.
This issue affects Apache Answer: through 1.7.1.
An unauthenticated API endpoint incorrectly exposes full revision history for deleted content. This allows unauthorized user to retrieve restricted or sensitive information. Users are recommended to upgrade to version 2.0.0, which fixes the issue.
EPSS
Процентиль: 2%
0.00013
Низкий
7.5 High
CVSS3
Дефекты
CWE-359
Связанные уязвимости
CVSS3: 7.5
github
3 дня назад
Apache Answer Exposure of Private Personal Information to an Unauthorized Actor vulnerability
EPSS
Процентиль: 2%
0.00013
Низкий
7.5 High
CVSS3
Дефекты
CWE-359