Headline
GHSA-j97g-77fj-9c4p: Answer vulnerable to account takeover because password reset links do not expire
answerdev/answer is an open-source knowledge-based community software. Answer prior to 1.0.6 is vulnerable to account takeover because the password reset link does not expire.
Answer vulnerable to account takeover because password reset links do not expire
Moderate severity GitHub Reviewed Published Apr 11, 2023 to the GitHub Advisory Database • Updated Apr 11, 2023