Vulnerabilities > Apache > Answer > 1.2.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-12 | CVE-2024-41888 | Unspecified vulnerability in Apache Answer Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. The password reset link remains valid within its expiration period even after it has been used. | 5.3 |
| 2024-08-12 | CVE-2024-41890 | Unspecified vulnerability in Apache Answer Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User sends multiple password reset emails, each containing a valid link. | 5.3 |
| 2024-02-22 | CVE-2024-26578 | Race Condition vulnerability in Apache Answer Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Repeated submission during registration resulted in the registration of the same user. | 5.9 |