CVE-2023-4815: Missing Authentication for Critical Function

September 7, 2023 (updated September 8, 2023)

Missing Authentication for Critical Function in GitHub repository answerdev/answer prior to v1.1.3.

References

github.com/advisories/GHSA-pj2h-85jq-g5vg
github.com/answerdev/answer/commit/e75142a55546e01d8904f59db228422561f51666
huntr.dev/bounties/4cd3eeb4-57c9-4af2-ad19-2166c9e0fd2c
nvd.nist.gov/vuln/detail/CVE-2023-4815

Code Behaviors & Features

Detect and mitigate CVE-2023-4815 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →