{"vulnerability": "CVE-2023-0398", "sightings": [{"uuid": "4c6ff8d9-bd73-4efa-90e0-4ce6e33f139d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0398", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10281", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-0398\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4.\n\ud83d\udccf Published: 2023-01-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-03T17:02:35.080Z\n\ud83d\udd17 References:\n1. https://huntr.dev/bounties/0a852351-00ed-44d2-a650-9055b7beed58\n2. https://github.com/modoboa/modoboa/commit/8e14ac93669df4f35fcdebd55dc9d2f0fed3ed48", "creation_timestamp": "2025-04-03T17:35:37.000000Z"}, {"uuid": "53a01a6d-032b-4758-bdd5-7a499b44e250", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0398", "type": "published-proof-of-concept", "source": "Telegram/MrZamvcHoiOJEmtqN9L9xfdEHiRpih_mQY1OW7RQqScwTjU", "content": "", "creation_timestamp": "2023-01-22T10:14:38.000000Z"}, {"uuid": "b943cde6-284b-4013-8186-bd625da4b022", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0398", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1321", "content": "CVE-2023-0398 modoboa - mail Server\n\nCSRF \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044e \u0434\u043e\u043c\u0435\u043d\u0430\n*\nusage fot BURP:\n\n\n  \n  \n  history.pushState('', '', '/')\n    \n\n      \n    \n    \n      document.forms[0].submit();\n    \n  \n\n\n\nread", "creation_timestamp": "2023-01-22T10:58:35.000000Z"}, {"uuid": "e1c12c98-c6a3-4506-875d-1c7cb7990a5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0398", "type": "published-proof-of-concept", "source": "Telegram/vlccLzTVP15PBXH43GUqSzFOD-JB67498YCP3qsJ7q3P_XY", "content": "", "creation_timestamp": "2023-02-08T22:54:05.000000Z"}, {"uuid": "a488f46b-69d6-47f3-a531-2f4cbd5897df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0398", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2378", "content": "CVE-2023-0398 modoboa \u2013 mail Server\n\nDescription\n\nGET /admin/domains/{id}/delete/ page is vulnerable to a CSRF attack.\n\nExploit: https://system32.ink/news-feed/p/165/", "creation_timestamp": "2023-01-22T11:38:28.000000Z"}, {"uuid": "02c51198-bd73-44b9-b612-7022091cf1e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0398", "type": "seen", "source": "https://t.me/cibsecurity/56706", "content": "\u203c CVE-2023-0398 \u203c\n\nCross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-19T12:21:37.000000Z"}, {"uuid": "8b1f650c-a83f-4595-81bc-fb4bc63b39a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0398", "type": "seen", "source": "https://t.me/LearnExploit/4586", "content": "CVE-2023-0398 - modoboa ( mail server ) \n\nCSRF leading to delete a domain in modoboa\n\nRead \n\n#CVE #CSRF \n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:25:54.000000Z"}]}