Apache Answer is a community platform of the Apache (USA) Foundation. Apache Answer 1.2.1 and earlier versions suffer from a cross-site scripting vulnerability that stems from the application’s lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a carefully crafted payload.