{"id":"GHSA-vxhr-p2vp-7gf8","summary":"Answer vulnerable to Cross-site Scripting","details":"Cross-site Scripting (XSS) - Reflected in GitHub repository answerdev/answer prior to 1.0.6.","aliases":["CVE-2023-1239","GO-2023-1620"],"modified":"2024-08-20T20:59:04.590490Z","published":"2023-03-07T09:30:30Z","database_specific":{"nvd_published_at":"2023-03-07T08:15:00Z","cwe_ids":["CWE-79"],"github_reviewed_at":"2023-03-08T17:11:18Z","severity":"MODERATE","github_reviewed":true},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1239"},{"type":"WEB","url":"https://github.com/answerdev/answer/commit/9870ed87fb24ed468aaf1e169c2d028e0f375106"},{"type":"PACKAGE","url":"https://github.com/answerdev/answer"},{"type":"WEB","url":"https://huntr.dev/bounties/3a22c609-d2d8-4613-815d-58f5990b8bd8"}],"affected":[{"package":{"name":"github.com/answerdev/answer","ecosystem":"Go","purl":"pkg:golang/github.com/answerdev/answer"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.0.6"}]}],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/03/GHSA-vxhr-p2vp-7gf8/GHSA-vxhr-p2vp-7gf8.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}]}