漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Apache Answer: Revision API Improper Access Control leads to Information Disclosure
Vulnerability Description
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 1.7.1. An unauthenticated API endpoint incorrectly exposes full revision history for deleted content. This allows unauthorized user to retrieve restricted or sensitive information. Users are recommended to upgrade to version 2.0.0, which fixes the issue.
CVSS Information
N/A
Vulnerability Type
侵犯隐私
Vulnerability Title
Apache Answer 安全漏洞
Vulnerability Description
Apache Answer是美国阿帕奇(Apache)基金会的一个社区平台。 Apache Answer 1.7.1及之前版本存在安全漏洞,该漏洞源于未经验证的API端点暴露已删除内容的完整修订历史,可能导致敏感信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A