{"vulnerability": "CVE-2023-3444", "sightings": [{"uuid": "36be54a2-9c80-43a1-9919-5787fcdf1a5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34445", "type": "seen", "source": "https://t.me/cvedetector/9808", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-34445 - Combodo iTop Web-based IT Service Management XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-34445 \nPublished : Nov. 5, 2024, 12:15 a.m. | 37\u00a0minutes ago \nDescription : Combodo iTop is a simple, web based IT Service Management tool. When displaying pages/ajax.render.php XSS are possible for scripts outside of script tags. This issue has been fixed in versions 2.7.9, 3.0.4, 3.1.0. All users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T02:09:27.000000Z"}, {"uuid": "7b238e70-a15b-4c9a-9176-1da2e8d4632b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34440", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113993035675683324", "content": "", "creation_timestamp": "2025-02-12T21:28:06.529555Z"}, {"uuid": "f3635be5-a85a-4f62-a15b-407836abbdc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34440", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhz76x2uft2z", "content": "", "creation_timestamp": "2025-02-12T22:16:09.421865Z"}, {"uuid": "ad83600c-c7e2-4721-b613-c2a2f117f2fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34440", "type": "seen", "source": "MISP/db121278-a8f5-4f36-a226-e45f3a86f55e", "content": "", "creation_timestamp": "2025-08-26T13:26:33.000000Z"}, {"uuid": "5de74cfd-aac4-4c0d-8c71-57796e575815", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34444", "type": "seen", "source": "https://t.me/cvedetector/9807", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-34444 - Combodo iTop AJAX Search Form XSS\", \n  \"Content\": \"CVE ID : CVE-2023-34444 \nPublished : Nov. 5, 2024, 12:15 a.m. | 37\u00a0minutes ago \nDescription : Combodo iTop is a simple, web based IT Service Management tool. When displaying pages/ajax.searchform.php XSS are possible for scripts outside of script tags. This issue has been fixed in versions 2.7.9, 3.0.4, 3.1.0. All users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T02:09:26.000000Z"}, {"uuid": "109a3918-1abc-44cf-b60d-7e2dd8c15a37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34443", "type": "seen", "source": "https://t.me/cvedetector/9806", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-34443 - Combodo iTop Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-34443 \nPublished : Nov. 5, 2024, 12:15 a.m. | 37\u00a0minutes ago \nDescription : Combodo iTop is a simple, web based IT Service Management tool. When displaying page Run queries Cross-site Scripting (XSS) are possible for scripts outside of script tags. This has been fixed in versions 2.7.9, 3.0.4, 3.1.0. All users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T02:09:22.000000Z"}, {"uuid": "780b9e59-deeb-44f5-a37f-46c0ac4f0e99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34441", "type": "seen", "source": "https://t.me/cibsecurity/72543", "content": "\u203c CVE-2023-34441 \u203c\n\nBaker Hughes \u00e2\u20ac\u201c Bently Nevada 3500 System TDI Firmware version 5.05 contains\u00c2\u00a0a cleartext transmission vulnerability which could allow an attacker to steal the authentication secret from communication traffic to the device and reuse it for arbitrary requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-19T07:34:07.000000Z"}, {"uuid": "73dee9ff-6e96-42f3-a794-bedf3293268b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34442", "type": "seen", "source": "https://t.me/cibsecurity/66249", "content": "\u203c CVE-2023-34442 \u203c\n\nExposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <= 4.0.0-M3.Users should upgrade to 3.14.9, 3.18.8, 3.20.6 or 3.21.0 and for users on Camel 4.x update to 4.0.0-M1\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-10T20:23:52.000000Z"}]}