Severity: moderate Affected versions:
- Apache Answer through 2.0.0 Description: Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The server did not sufficiently validate user-supplied image URLs, allowing arbitrary external content to be embedded as profile images, which could expose users to unintended external requests and tracking by third-party servers. Users are recommended to upgrade to version 2.0.1, which fixes the issue. Credit: Reimar Fritz (reporter) References: https://answer.apache.org https://www.cve.org/CVERecord?id=CVE-2026-34031
