GHSA-x4f6-mqg6-28xxMediumCVSS 6.5
Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue...
🔗 CVE IDs covered (1)
📋 Description
Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.
This issue affects Apache Answer: through 2.0.0.
The server did not sufficiently validate user-supplied image URLs, allowing arbitrary external content to be embedded as profile images, which could expose users to unintended external requests and tracking by third-party servers. Users are recommended to upgrade to version 2.0.1, which fixes the issue.