{"vulnerability": "CVE-2023-4372", "sightings": [{"uuid": "63767394-0782-44d8-9deb-4766f6ca50c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43728", "type": "seen", "source": "https://t.me/cibsecurity/71380", "content": "\u203c CVE-2023-43728 \u203c\n\nOs Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.This vulnerability allows attackers to inject JS through the \"stock_delivery_terms_text[1]\" parameter,potentially leading to unauthorized execution of scripts within a user's web browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-01T02:39:23.000000Z"}, {"uuid": "a0ba03a5-bb94-4f04-9686-95c638e43694", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43725", "type": "seen", "source": "https://t.me/cibsecurity/71379", "content": "\u203c CVE-2023-43725 \u203c\n\nOs Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.This vulnerability allows attackers to inject JS through the \"orders_products_status_name_long[1]\" parameter,potentially leading to unauthorized execution of scripts within a user's web browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-01T02:39:22.000000Z"}, {"uuid": "003314ed-891c-4d81-9162-1022661fb97e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43721", "type": "seen", "source": "https://t.me/cibsecurity/71371", "content": "\u203c CVE-2023-43721 \u203c\n\nOs Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.This vulnerability allows attackers to inject JS through the \"PACKING_SLIPS_SUMMARY_TITLE[1]\" parameter,potentially leading to unauthorized execution of scripts within a user's web browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-01T02:39:09.000000Z"}, {"uuid": "885db776-d48b-46cd-aa51-49b28ee25bab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43726", "type": "seen", "source": "https://t.me/cibsecurity/71377", "content": "\u203c CVE-2023-43726 \u203c\n\nOs Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.This vulnerability allows attackers to inject JS through the \"orders_products_status_manual_name_long[1]\" parameter,potentially leading to unauthorized execution of scripts within a user's web browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-01T02:39:20.000000Z"}, {"uuid": "2e617ecd-b126-4643-9ed0-b70257d5c53b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43729", "type": "seen", "source": "https://t.me/cibsecurity/71376", "content": "\u203c CVE-2023-43729 \u203c\n\nOs Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.This vulnerability allows attackers to inject JS through the \"xsell_type_name[1]\" parameter,potentially leading to unauthorized execution of scripts within a user's web browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-01T02:39:16.000000Z"}, {"uuid": "22d40fff-e72b-4c0f-80a6-3a9faec7ef95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43727", "type": "seen", "source": "https://t.me/cibsecurity/71367", "content": "\u203c CVE-2023-43727 \u203c\n\nOs Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.This vulnerability allows attackers to inject JS through the \"stock_indication_text[1]\" parameter,potentially leading to unauthorized execution of scripts within a user's web browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-01T02:39:05.000000Z"}, {"uuid": "53c9a2f9-c31c-47dc-849c-657150ab4e34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43723", "type": "seen", "source": "https://t.me/cibsecurity/71365", "content": "\u203c CVE-2023-43723 \u203c\n\nOs Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.This vulnerability allows attackers to inject JS through the \"orders_status_name[1]\" parameter,potentially leading to unauthorized execution of scripts within a user's web browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-01T02:39:03.000000Z"}, {"uuid": "cbbddb40-735e-4aa4-84ff-8713c61fa078", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43724", "type": "seen", "source": "https://t.me/cibsecurity/71363", "content": "\u203c CVE-2023-43724 \u203c\n\nOs Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.This vulnerability allows attackers to inject JS through the \"derb6zmklgtjuhh2cn5chn2qjbm2stgmfa4.oastify.comscription[1][name]\" parameter,potentially leading to unauthorized execution of scripts within a user's web browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-01T02:39:01.000000Z"}, {"uuid": "5fe967b1-c981-48e9-9a64-00c0b3072974", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43720", "type": "seen", "source": "https://t.me/cibsecurity/71362", "content": "\u203c CVE-2023-43720 \u203c\n\nOs Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.This vulnerability allows attackers to inject JS through the \"BILLING_GENDER_TITLE[1]\" parameter,potentially leading to unauthorized execution of scripts within a user's web browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-01T02:39:00.000000Z"}]}