{"vulnerability": "CVE-2023-2620", "sightings": [{"uuid": "d87cac7f-80a1-4a17-8c03-78ffb547776c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26206", "type": "seen", "source": "https://t.me/ctinow/185608", "content": "https://ift.tt/urGSXQj\nCVE-2023-26206", "creation_timestamp": "2024-02-15T15:31:33.000000Z"}, {"uuid": "d3ee8289-7a49-4c1d-bf7c-1fa34fe7a44f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26206", "type": "seen", "source": "https://t.me/ctinow/203101", "content": "https://ift.tt/05u2ztR\nCVE-2023-26206 | Fortinet FortiNAC up to 7.2.0/9.1.10/9.2.8/9.4.2 Policy Audit Log name cross site scripting (FG-IR-23-063)", "creation_timestamp": "2024-03-08T07:51:36.000000Z"}, {"uuid": "de656ee1-5937-48be-94c0-94cf5c2daec7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26203", "type": "seen", "source": "https://t.me/cibsecurity/63260", "content": "\u203c CVE-2023-26203 \u203c\n\nA use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an authenticated attacker to access to the database via shell commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-04T02:36:23.000000Z"}, {"uuid": "d7c79a7c-1573-4919-ab0b-909206254255", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2620", "type": "seen", "source": "https://t.me/cibsecurity/66624", "content": "\u203c CVE-2023-2620 \u203c\n\nAn issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all versions from 16.1 prior to 16.1.1. A maintainer could modify a webhook URL to leak masked webhook secrets by manipulating other masked portions. This addresses an incomplete fix for CVE-2023-0838.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-13T07:45:24.000000Z"}, {"uuid": "a2ccd35d-f17d-46f8-9ee7-d7e6fe0e7d4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26209", "type": "seen", "source": "https://t.me/cibsecurity/59725", "content": "\u203c CVE-2023-26209 \u203c\n\nA improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiDeceptor 3.1.x and before allows a remote unauthenticated attacker to partially exhaust CPU and memory via sending numerous HTTP requests to the login form.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-09T18:20:25.000000Z"}, {"uuid": "e22ed0e5-6d76-4bff-ab8d-b2ad898ee7a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26208", "type": "seen", "source": "https://t.me/cibsecurity/59728", "content": "\u203c CVE-2023-26208 \u203c\n\nA improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiAuthenticator 6.4.x and before allows a remote unauthenticated attacker to partially exhaust CPU and memory via sending numerous HTTP requests to the login form.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-09T18:20:28.000000Z"}]}