{"vulnerability": "CVE-2023-43770", "sightings": [{"uuid": "1080e183-30c9-4185-bc5a-75577a833d23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-02-12T18:10:02.000000Z"}, {"uuid": "7ddf5f49-fcc7-4df5-965d-6169db573965", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:52.000000Z"}, {"uuid": "6dc5a8fa-e8be-46e7-8dfe-cca4e3c5618d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "seen", "source": "https://swecyb.com/ap/users/116080658609901341/statuses/116243491835752303", "content": "", "creation_timestamp": "2026-03-17T08:10:46.452834Z"}, {"uuid": "0c9f0099-2f69-42ae-95ec-d3f7e2fbb102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-43770", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5715499d-83d3-4440-9649-c3058b603350", "content": "", "creation_timestamp": "2026-02-02T12:26:41.510614Z"}, {"uuid": "8473fab6-4f35-4de0-9c62-f663e333c0e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/89", "content": "\u2604\ufe0fCVE-2023-43770: Mail Server Roundcube\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 PoC:\nhttps://github.com/s3cb0y/CVE-2023-43770-POC\n\n#exploit  #poc #cve", "creation_timestamp": "2023-10-01T18:17:48.000000Z"}, {"uuid": "f0571bf0-2abd-473d-972b-c72b10aceaa8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5238", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPoC for Stored XSS (CVE-2023-43770) Vulnerability\nURL\uff1ahttps://github.com/knight0x07/CVE-2023-43770-PoC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-28T13:52:57.000000Z"}, {"uuid": "df510a7d-4a02-46cf-ac24-93c4efdb2baf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/154", "content": "\u2604\ufe0fCVE-2023-43770: Mail Server Roundcube\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 PoC:\nhttps://github.com/s3cb0y/CVE-2023-43770-POC\n\n#exploit  #poc #cve", "creation_timestamp": "2023-10-01T18:17:48.000000Z"}, {"uuid": "834eb89e-166f-4c7e-b5b6-de7eb7002662", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "published-proof-of-concept", "source": "https://t.me/beaverdreamer/99", "content": "#Roundcube #phishing\n\nRoundcube CVE-2023-43770\n\nXSS \u043f\u0440\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0438 \u043f\u0438\u0441\u044c\u043c\u0430.\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0441\u0432\u043e\u0434\u0438\u0442\u0441\u044f \u043a \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \\n[alert('CVE-2023-43770 POC')]\\n \u0432 \u043f\u0438\u0441\u044c\u043c\u0435 plain-\u0444\u043e\u0440\u043c\u0430\u0442\u0430\n\n\u041f\u0440\u0438\u043c\u0435\u0440 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 https://github.com/s3cb0y/CVE-2023-43770-POC", "creation_timestamp": "2024-03-12T15:01:01.000000Z"}, {"uuid": "4f928c99-58d0-4e09-9813-542493e60c9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "exploited", "source": "Telegram/hXd4Pvb-dXWthzLckrqlrV-_CHqSIy3_moHpaUoT3WPw4Q", "content": "", "creation_timestamp": "2024-02-13T11:04:58.000000Z"}, {"uuid": "1e73d571-560d-4007-9643-cc0ddcafbc68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "published-proof-of-concept", "source": "Telegram/T3PwYAaLXNUvxf0sq-I7OtOMJ9gXcLl3YbizQw_6jK9FM8w", "content": "", "creation_timestamp": "2024-04-24T17:42:10.000000Z"}, {"uuid": "750ede04-5ff2-4a8e-99a7-eca8faa3ecf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "published-proof-of-concept", "source": "Telegram/hEtOOzXQkysV-hCJvvNeqNqzwY3K3JGquXeHHV3ZOFWEjw", "content": "", "creation_timestamp": "2023-11-16T15:04:39.000000Z"}, {"uuid": "54d7d35f-bfe7-4364-bcf1-bbe94a66ef16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/22825", "content": "https://github.com/s3cb0y/CVE-2023-43770-POC", "creation_timestamp": "2024-04-24T17:42:11.000000Z"}, {"uuid": "65c7309a-8c5f-46e6-9e19-48ce283e2e2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "exploited", "source": "Telegram/xxgJ75DlLasyAbmQXHJZiGiEmTmR8CCae0CrlGGlkWkSAw", "content": "", "creation_timestamp": "2024-02-13T06:35:27.000000Z"}, {"uuid": "55fb2419-8587-4150-b340-4dd013a85cd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "exploited", "source": "https://t.me/KomunitiSiber/1481", "content": "Alert: CISA Warns of Active 'Roundcube' Email Attacks - Patch Now\nhttps://thehackernews.com/2024/02/alert-cisa-warns-of-active-roundcube.html\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday\u00a0added\u00a0a medium-severity security flaw impacting Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.\nThe issue, tracked as\u00a0CVE-2023-43770\u00a0(CVSS score: 6.1), relates to a cross-site scripting (XSS) flaw that stems from the handling of", "creation_timestamp": "2024-02-13T06:14:55.000000Z"}, {"uuid": "3c226e33-cbcc-4b44-a499-767b3a9e1cb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "published-proof-of-concept", "source": "Telegram/_2iZhze6jswijCm6NsMkH5GB7hxCAMET0bj118-njZt1foI", "content": "", "creation_timestamp": "2025-04-20T17:00:09.000000Z"}, {"uuid": "3db36f97-a4a7-43c5-9923-fd5042d433e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "published-proof-of-concept", "source": "Telegram/wQTtnJs4bu2qpdkfBduUtEA8WULI7A-GTXrtlXHlEfx64Q", "content": "", "creation_timestamp": "2023-09-30T04:25:30.000000Z"}, {"uuid": "d2f0a81c-f46e-4f81-980d-abe3611735ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3148", "content": "https://github.com/s3cb0y/CVE-2023-43770-POC", "creation_timestamp": "2023-09-29T12:56:46.000000Z"}, {"uuid": "62958de2-dd15-4c99-83d7-b4d8cdc243dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3213", "content": "Hackers Factory \n\nInstagram-py performs slick brute force attack on Instagram without any type of password limiting\n\nand also resumes your attack in ease.\n\n\u2014DeathSec\n\nhttps://github.com/deathsec/instagram-py\n\nAn open-source self-hosted purple team management web application.\n\nhttps://github.com/CyberCX-STA/PurpleOps?mibextid=Zxz2cZ\n\nJust some lists of Malware Configs\n\nhttps://github.com/Gi7w0rm/MalwareConfigLists\n\na unique vocabulary that is 90% generated with OpenAI ChatGPT.\n\nhttps://github.com/reewardius/bbFuzzing.txt\n\nCVE-2023-20209\n\nhttps://github.com/0x41-Researcher/CVE-2023-20209\n\nOfficial repo for GPTFUZZER : Red Teaming Large Language Models with Auto-Generated Jailbreak Prompts\n\nhttps://github.com/sherdencooper/GPTFuzz\n\nAttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat actor groups and your organisation's details\n\nhttps://github.com/mrwadams/attackgen\n\nA Proof-Of-Concept for the CVE-2023-43770 vulnerability.\n\nhttps://github.com/s3cb0y/CVE-2023-43770-POC\n\nreverse shell using curl\n\nhttps://github.com/irsl/curlshell\n\nCVE-2023-42820\n\nhttps://github.com/h4m5t/CVE-2023-42820\n\nGoCrack is a management frontend for password cracking tools written in Go\n\nhttps://github.com/mandiant/gocrack\n\nAsk a TGS on behalf of another user without password\n\nhttps://github.com/foxlox/GIUDA\n\nCVE-2023-42442\n\nhttps://github.com/HolyGu/CVE-2023-42442\n\nBypass the Event Trace Windows(ETW) and unhook ntdll.\n\nhttps://github.com/unkvolism/Fuck-Etw\n\nMicrosoft SharePoint Server Elevation of Privilege Vulnerability\n\nhttps://github.com/Chocapikk/CVE-2023-29357\n\nDorks-collections-list/onion.txt at main \u00b7 cipher387/Dorks-collections-list\n\nhttps://github.com/cipher387/Dorks-collections-list/blob/main/onion.txt\n\n#infosec #cybersecurity #hackersfactory\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-10-10T20:32:25.000000Z"}, {"uuid": "c146bd7b-f334-44a5-a734-71403345ab70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1739", "content": "CVE-2023-43770\nmail server Roundcube\n*\nusage:\npython cve-2023-43770.py -e attacker@gmail.com -p Attack3rPwd -t victim@example.com\n*\nPOC exploit", "creation_timestamp": "2023-09-28T15:18:12.000000Z"}, {"uuid": "112ebba2-1660-4da1-b085-25a051952cd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4393", "content": "Roundcube CVE-2023-43770 POC : Check\n\nCVE-2023-34040 RCE Exploit : Check\n\nNightmangle: Telegram Command And Control (C2) Agent : Check", "creation_timestamp": "2023-09-30T04:24:47.000000Z"}, {"uuid": "0d6ce9c1-2821-4e39-b8ab-e6957b0ab607", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "published-proof-of-concept", "source": "https://t.me/jokerplstaeen/21199", "content": "\u062e\u0627\u062f\u0645 \u0627\u0644\u0628\u0631\u064a\u062f CVE-2023-43770 Roundcube * \u0627\u0644\u0627\u0633\u062a\u062e\u062f\u0627\u0645: python http:// cve-2023-43770.py -e Attacker@gmail.com -p Attack3rPwd -t \u0627\u0644\u0636\u062d\u064a\u0629@example.com * \u0627\u0633\u062a\u063a\u0644\u0627\u0644 POC \n https:// github.com /s3cb0y/CVE-202 3-43770-POC  \u062a\u062d\u0642\u0642 \u0645\u0646 \u0627\u0644\u062a\u063a\u0631\u064a\u062f\u0627\u062a \u0627\u0644\u0642\u062f\u064a\u0645\u0629 \u0644\u0640", "creation_timestamp": "2023-09-29T21:53:15.000000Z"}, {"uuid": "89200c83-a9c2-43a3-8f1d-ec64c8c434a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "seen", "source": "https://t.me/ctinow/197505", "content": "https://ift.tt/SDPKxH5\nCVE-2023-43770 Exploitation", "creation_timestamp": "2024-03-01T11:16:50.000000Z"}, {"uuid": "be808164-8315-4e05-8ef7-98adfb3018bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "seen", "source": "https://t.me/ctinow/183745", "content": "https://ift.tt/ua2Nshc\nRoundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770)", "creation_timestamp": "2024-02-13T11:31:15.000000Z"}, {"uuid": "0726f836-2144-4139-98e6-871aa76b33c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "exploited", "source": "https://t.me/information_security_channel/51522", "content": "CISA Warns of Roundcube Webmail Vulnerability Exploitation\nhttps://www.securityweek.com/cisa-warns-of-roundcube-webmail-vulnerability-exploitation/\n\nCISA has added the Roundcube flaw tracked as CVE-2023-43770 to its known exploited vulnerabilities catalog.\nThe post CISA Warns of Roundcube Webmail Vulnerability Exploitation (https://www.securityweek.com/cisa-warns-of-roundcube-webmail-vulnerability-exploitation/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2024-02-13T14:09:32.000000Z"}, {"uuid": "0cff5d5b-63a9-42c1-86ad-1c8bf867576c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1202", "content": "https://github.com/s3cb0y/CVE-2023-43770-POC\n\n#github #poc", "creation_timestamp": "2023-09-28T11:42:17.000000Z"}, {"uuid": "6d5ddb7d-b113-40df-8d2a-ee3be312905d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9109", "content": "#exploit\n1. CVE-2023-42442:\nJumpServer unauthorized access vulnerability\nhttps://github.com/HolyGu/CVE-2023-42442\n\n2. CVE-2023-43770:\nRoundcube allows XSS via text/plain e-mail messages\nhttps://github.com/s3cb0y/CVE-2023-43770-POC", "creation_timestamp": "2024-02-03T03:56:47.000000Z"}, {"uuid": "ba04f769-d0c6-4c50-b8b1-2f00d86aa6f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43770", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1153", "content": "#exploit\n1. CVE-2023-42442:\nJumpServer unauthorized access vulnerability\nhttps://github.com/HolyGu/CVE-2023-42442\n\n2. CVE-2023-43770:\nRoundcube allows XSS via text/plain e-mail messages\nhttps://github.com/s3cb0y/CVE-2023-43770-POC\n\n3. CVE-2023-42820:\nJumpServer - Random seed leakage results in the user password being reset\nhttps://github.com/h4m5t/CVE-2023-42820", "creation_timestamp": "2024-08-16T08:30:20.000000Z"}]}