{"vulnerability": "CVE-2023-22893", "sightings": [{"uuid": "f08bd75e-b920-41e5-869c-c50ba24f1c9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22893", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/strapi_cve_2023_22893", "content": "", "creation_timestamp": "2023-04-30T12:52:53.000000Z"}, {"uuid": "57725e8f-09c0-49a4-9eef-a8270085184f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22893", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/170", "content": "Multiple Critical Vulnerabilities in Strapi Versions <=4.7.1\n\n\ud83d\udc64 by GhostCcamm\n\nStrapi had multiple critical vulnerabilities that could be chained together to gain Unauthenticated Remote Code Execution. This is GhostCcamm's public disclosure of the vulnerabilities he found in Strapi, how they were patched and some nonsensical ramblings.\n\n\ud83d\udcdd Contents:\n\u25cf Overview \n\u25cf TL;DR\n\u25cf Disclaimers\n\u25cf CVE-2023-22893\n\u25cf CVE-2023-22621\n\u25cf CVE-2023-22894\n\u25cf Chaining CVE-2023-22621 and CVE-2023-22894 Together to Achieve Unauthenticated RCE \n\u25cf Indicators of Compromise \n\u25cf Conclusion \n\nhttps://www.ghostccamm.com/blog/multi_strapi_vulns/", "creation_timestamp": "2023-04-18T09:12:23.000000Z"}, {"uuid": "a2f562b2-7bd0-488e-8dde-3a10e9eda9b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22893", "type": "seen", "source": "Telegram/rrCH1mJt5YZGRlrso3uiQLR58aMCTJ_UmeqXQXTzKgSb3ZZd", "content": "", "creation_timestamp": "2025-02-06T02:44:19.000000Z"}, {"uuid": "ce96b091-7949-417e-bc06-983db5a76aed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22893", "type": "published-proof-of-concept", "source": "Telegram/BDIuQxJm2Cl1hcH3rBtjVuiBaQPlmqaGA0Zegr2NgVBdQWM", "content": "", "creation_timestamp": "2023-04-18T17:16:58.000000Z"}]}