CVE-2023-0742

9.0 CRITICAL

📋 TL;DR

This stored cross-site scripting (XSS) vulnerability in the Answer software allows attackers to inject malicious scripts that execute when other users view affected content. Users of Answer versions prior to 1.0.4 are affected, potentially compromising their accounts and data.

💻 Affected Systems

Products:
  • Answer (answerdev/answer)
Versions: All versions prior to 1.0.4
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all deployments of Answer where user-generated content is displayed.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal session cookies, perform actions as authenticated users, deface content, or redirect users to malicious sites, potentially leading to full account takeover.

🟠 Likely Case

Attackers inject malicious JavaScript to steal session tokens or credentials, enabling unauthorized access to user accounts and sensitive data.

🟢 If Mitigated

With proper input validation and output encoding, malicious scripts are neutralized before execution, preventing exploitation.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires ability to post content that gets stored and displayed to other users.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.0.4

Vendor Advisory: https://github.com/answerdev/answer/commit/c3001de52af91f09c96e701facbce0b9fa0c98ad

Restart Required: Yes

Instructions:

1. Back up your Answer instance.
2. Update to version 1.0.4 or later using your package manager or by downloading from GitHub.
3. Restart the Answer service.

🔧 Temporary Workarounds

Input Sanitization (applies to: all)

Implement server-side input validation and output encoding for user-generated content.

Content Security Policy (applies to: all)

Implement strict CSP headers to restrict script execution.

🧯 If You Can't Patch

  • Disable user-generated content posting functionality
  • Implement web application firewall rules to block XSS payloads

🔍 How to Verify

Check if Vulnerable:

Check if Answer version is below 1.0.4 in admin panel or configuration files

Check Version:

Check Answer admin interface or review package.json/version files

Verify Fix Applied:

Confirm the version is 1.0.4 or higher and test that XSS payloads no longer execute.

📡 Detection & Monitoring

Log Indicators:

  • Unusual content submissions with script tags or JavaScript payloads
  • Multiple failed login attempts from new locations

Network Indicators:

  • Outbound connections to suspicious domains after viewing content
  • Unexpected cookie/session data transfers

SIEM Query:

source="answer.log" AND ("<script>" OR "javascript:" OR "onerror=" OR "onload=")
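The query above matches only exact, lowercase strings, so mixed-case or URL/HTML-encoded submissions pass through it. The sketch below is an added example, not code from this page or from the Answer project: it goes beyond the literal query by decoding and lowercasing each line before checking for the same four indicators. The log line format, the sample lines, and the function names are constructed assumptions.

```python
import html
import re
from urllib.parse import unquote

# Indicators from the SIEM query above, loosened to tolerate tag
# attributes and whitespace before "=" or ":".
INDICATORS = {
    "script_tag": re.compile(r"<\s*script\b"),
    "javascript_uri": re.compile(r"javascript\s*:"),
    "onerror_attr": re.compile(r"\bonerror\s*="),
    "onload_attr": re.compile(r"\bonload\s*="),
}

def normalize(text, max_rounds=3):
    """Undo URL and HTML-entity encoding (possibly nested), then lowercase."""
    for _ in range(max_rounds):
        decoded = html.unescape(unquote(text))
        if decoded == text:
            break
        text = decoded
    return text.lower()

def scan_line(line):
    """Return the sorted names of the indicators found in one log line."""
    norm = normalize(line)
    return sorted(name for name, rx in INDICATORS.items() if rx.search(norm))

def scan_log(lines):
    """Return (line_number, indicator_names) for every matching line."""
    numbered = ((n, scan_line(line)) for n, line in enumerate(lines, start=1))
    return [(n, found) for n, found in numbered if found]

# Constructed sample lines; the real answer.log format is not given here.
SAMPLE_LOG = [
    'user=u1 action=post body="How do I rotate logs?"',
    'user=u2 action=post body="<script>alert(1)</script>"',
    'user=u3 action=post body="%3CScRiPt%20src%3D//x.example%3E"',
    'user=u4 action=comment body="&lt;img src=x OnError =alert(1)&gt;"',
    'user=u5 action=post body="Use the onload event, see docs"',
]

if __name__ == "__main__":
    for n, found in scan_log(SAMPLE_LOG):
        print(f"line {n}: {', '.join(found)}")
```

Matches are leads for review rather than proof of exploitation: legitimate posts on a Q&A site can quote markup, so triage hits against the rendered content and the submitting account.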
