{"uuid": "3d762fc6-c1b3-4ad5-93e0-856abc8eedfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52084", "type": "seen", "source": "https://t.me/arpsyndicate/3035", "content": "#ExploitObserverAlert\n\nCVE-2023-52084\n\nDESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2023-52084. Winter is a free, open-source content management system. Prior to 1.2.4, Users with access to backend forms that include a ColorPicker FormWidget can provide a value that would then be rendered unescaped in the backend form, potentially allowing for a stored XSS attack. This issue has been patched in v1.2.4.\n\nFIRST-EPSS: 0.000450000\nNVD-IS: 2.7\nNVD-ES: 2.3", "creation_timestamp": "2024-01-26T18:48:10.000000Z"}