x/vulndb: potential Go vuln in github.com/apache/incubator-answer: GHSA-cvqr-mwh6-2vc6

[GoVulnBot]

In GitHub Security Advisory GHSA-cvqr-mwh6-2vc6, there is a vulnerability in the following Go packages or modules:

Unit	Fixed	Vulnerable Ranges
github.com/apache/incubator-answer	1.3.0	< 1.3.0

Cross references:

• Module github.com/apache/incubator-answer appears in issue x/vulndb: potential Go vuln in github.com/apache/incubator-answer: GHSA-f899-4mr4-fqpv #2457 NOT_IMPORTABLE

See doc/triage.md for instructions on how to triage this report.

modules:
    - module: github.com/apache/incubator-answer
      versions:
        - fixed: 1.3.0
      vulnerable_at: 1.3.0-RC1
      packages:
        - package: github.com/apache/incubator-answer
summary: 'Apache Answer: XSS vulnerability when changing personal website in github.com/apache/incubator-answer'
cves:
    - CVE-2024-29217
ghsas:
    - GHSA-cvqr-mwh6-2vc6
references:
    - web: https://nvd.nist.gov/vuln/detail/CVE-2024-29217
    - web: https://lists.apache.org/thread/nc0g1borr0d3wx25jm39pn7nyf268n0x
    - advisory: https://github.com/advisories/GHSA-cvqr-mwh6-2vc6
source:
    id: GHSA-cvqr-mwh6-2vc6

[gopherbot]

Change https://go.dev/cl/581799 mentions this issue: data/reports: add GO-2024-2743.yaml