{"vulnerability": "CVE-2023-3909", "sightings": [{"uuid": "3f1bbf6f-b9ed-4aee-97bc-e36ed02248d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39096", "type": "seen", "source": "https://t.me/cibsecurity/67689", "content": "\u203c CVE-2023-39096 \u203c\n\nWebBoss.io CMS v3.7.0.1 contains a stored Cross-Site Scripting (XSS) vulnerability due to lack of input validation and output encoding.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-03T18:40:10.000000Z"}, {"uuid": "c4446c8d-de2e-4e5f-83ff-4201f748e289", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39094", "type": "seen", "source": "https://t.me/cibsecurity/68898", "content": "\u203c CVE-2023-39094 \u203c\n\nCross Site Scripting vulnerability in ZeroWdd studentmanager v.1.0 allows a remote attacker to execute arbitrary code via the username parameter in the student list function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-21T20:41:14.000000Z"}, {"uuid": "8162f76b-cb4e-42cd-84c9-8415082b5b6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3909", "type": "seen", "source": "https://t.me/cibsecurity/73618", "content": "\u203c CVE-2023-3909 \u203c\n\nAn issue has been discovered in GitLab CE/EE affecting all versions starting from 12.3 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. A Regular Expression Denial of Service was possible by adding a large string in timeout input in gitlab-ci.yml file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-06T17:38:30.000000Z"}]}