CVE-2023-1245 LOW

CVE-2023-1245: Cross-site Scripting (XSS) - Stored in answerdev/answer

Vendor Answerdev

Product answerdev/answer

Weakness CWE-79 · XSS

Published March 7, 2023

Last update March 6, 2025

View on NVD All CVEs

CVSS base score

3.5/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction Required

Confidentiality None

Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6.

Key dates

02Disclosure timeline

March 7, 2023 CVE published

March 6, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-1245 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2024-5414 Cross-Site Scripting (XSS) vulnerability on PhpMyBackupPro CVE-2024-1692 BoldGrid Easy SEO – Simple and Effective SEO <= 1.6.13 - Authenticated(Contributor+) Stored Cross-Site Scripting via Meta Description CVE-2025-58025 WordPress Master Slider Plugin <= 3.11.0 - Cross Site Scripting (XSS) Vulnerability CVE-2024-3341 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aux_gmaps' Shortcode CVE-2021-40711 Adobe Experience Manager Stored Cross-Site Scripting Could Lead to Arbitrary Code Execution