{"vulnerability": "CVE-2023-30948", "sightings": [{"uuid": "65316f84-1d84-4869-ade7-c7d5bcb711f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30948", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/512", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-30948\n\ud83d\udd39 Description: A security defect in Foundry's Comments functionality resulted in the retrieval of attachments to comments not being gated by additional authorization checks. This could enable an authenticated user to inject a prior discovered attachment UUID into other arbitrary comments to discover it's content.\n\nThis defect was fixed in Foundry Comments 2.249.0, and a patch was rolled out to affected Foundry environments. No further intervention is required at this time.\n\ud83d\udccf Published: 2023-06-06T14:12:59.240Z\n\ud83d\udccf Modified: 2025-01-07T18:15:43.559Z\n\ud83d\udd17 References:\n1. https://palantir.safebase.us/?tcuUid=101b083b-6389-4261-98f8-23448e133a62", "creation_timestamp": "2025-01-07T18:38:54.000000Z"}, {"uuid": "8880d2c3-6940-4024-8a3c-9a46664241ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30948", "type": "seen", "source": "https://t.me/cibsecurity/65011", "content": "\u203c CVE-2023-30948 \u203c\n\nA security defect in Foundry's Comments functionality resulted in the retrieval of attachments to comments not being gated by additional authorization checks. This could enable an authenticated user to inject a prior discovered attachment UUID into other arbitrary comments to discover it's content.This defect was fixed in Foundry Comments 2.249.0, and a patch was rolled out to affected Foundry environments. No further intervention is required at this time.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-06T18:29:21.000000Z"}]}