What the vulnerability does
01Description
Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6.
CVE-2023-1238
HIGH
CVE-2023-1238: Cross-site Scripting (XSS) - Stored in answerdev/answer
CVSS base score
7.6/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Key dates
02Disclosure timeline
March 7, 2023
CVE published
March 6, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-8115 PHPGurukul Taxi Stand Management System new-autoortaxi-entry-form.php cross site scripting
CVE-2024-45592 auditor-bundle vulnerable to Cross-site Scripting because name of entity does not get escaped
CVE-2024-52888 Stored-XSS
CVE-2025-39594 WordPress Arigato Autoresponder and Newsletter plugin <= 2.7.2.4 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2024-9220 LH Copy Media File <= 1.08 - Reflected Cross-Site Scripting
