{"vulnerability": "CVE-2023-2882", "sightings": [{"uuid": "7a096c86-ee7c-43d1-b4eb-766707e3abcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28826", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9464", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28826\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, macOS Monterey 12.7.4, macOS Sonoma 14.1, macOS Ventura 13.6.5. An app may be able to access sensitive user data.\n\ud83d\udccf Published: 2024-03-08T01:35:28.817Z\n\ud83d\udccf Modified: 2025-03-28T19:26:04.805Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT214083\n2. https://support.apple.com/en-us/HT213984\n3. https://support.apple.com/en-us/HT214082\n4. https://support.apple.com/en-us/HT214085\n5. https://support.apple.com/kb/HT213984\n6. http://seclists.org/fulldisclosure/2024/Mar/22\n7. http://seclists.org/fulldisclosure/2024/Mar/23", "creation_timestamp": "2025-03-28T20:29:10.000000Z"}, {"uuid": "413bbb6e-c448-4000-ba42-17130662e770", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28823", "type": "seen", "source": "https://t.me/ctinow/180623", "content": "https://ift.tt/8d36jeq\nCVE-2023-28823 | Oracle Communications Service Catalog and Design 7.4.2.8.0 PSR Designer uncontrolled search path", "creation_timestamp": "2024-02-07T11:07:05.000000Z"}, {"uuid": "b3d8542c-6468-4f66-9116-cadfa103b2bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28821", "type": "seen", "source": "Telegram/62TKjF8ArcFA5xo8IoHq_q568T41BJwadKJM6yqtBv5OMKUj", "content": "", "creation_timestamp": "2025-01-30T23:28:04.000000Z"}, {"uuid": "c4ef239b-87bf-4acd-9318-ad38ad799e20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28820", "type": "seen", "source": "Telegram/GbWGycXo8cCo1MJdf13xL5aBcZPpEJv9m_w9aRrfcBfVJDUF", "content": "", "creation_timestamp": "2025-02-01T17:28:11.000000Z"}, {"uuid": "b950a863-8351-4c8a-8601-c4525712d4af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28828", "type": "seen", "source": "https://t.me/cibsecurity/61847", "content": "\u203c CVE-2023-28828 \u203c\n\nA vulnerability has been identified in Polarion ALM (All versions < V2304.0). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T14:23:31.000000Z"}, {"uuid": "c35e7afc-22df-42e1-96a8-ca84198b8d6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28820", "type": "seen", "source": "https://t.me/cibsecurity/63067", "content": "\u203c CVE-2023-28820 \u203c\n\nConcrete CMS (previously concrete5) before 9.1 is vulnerable to stored XSS in RSS Displayer via the href attribute because the link element input was not sanitized.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-28T18:27:32.000000Z"}, {"uuid": "fe6adcee-9383-4977-9782-a43e8064a285", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28821", "type": "seen", "source": "https://t.me/cibsecurity/63053", "content": "\u203c CVE-2023-28821 \u203c\n\nConcrete CMS (previously concrete5) before 9.1 did not have a rate limit for password resets.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-28T18:27:17.000000Z"}]}