{"vulnerability": "CVE-2023-4639", "sightings": [{"uuid": "8aea9610-c8b1-4d67-b330-88ed891232ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4639", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113497810158138244", "content": "", "creation_timestamp": "2024-11-17T10:25:44.963517Z"}, {"uuid": "fb13eab6-6ca3-463a-adf7-313f4e1c3f2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4639", "type": "seen", "source": "https://t.me/ctinow/181794", "content": "https://ift.tt/puaI7Kj\nCVE-2023-4639", "creation_timestamp": "2024-02-09T04:11:15.000000Z"}, {"uuid": "edc44868-92f7-4f97-a454-61c59d3d13ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4639", "type": "seen", "source": "https://t.me/cvedetector/11259", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-4639 - Undertow HTTP Cookie Deserialization Vulnerability (Remote)\", \n  \"Content\": \"CVE ID : CVE-2023-4639 \nPublished : Nov. 17, 2024, 11:15 a.m. | 36\u00a0minutes ago \nDescription : A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity. \nSeverity: 7.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-17T12:56:59.000000Z"}, {"uuid": "068036d5-56a2-4186-9b8a-e37cf5b1f81e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46393", "type": "seen", "source": "https://t.me/cibsecurity/73059", "content": "\u203c CVE-2023-46393 \u203c\n\ngougucms v4.08.18 was discovered to contain a password reset poisoning vulnerability which allows attackers to arbitrarily reset users' passwords via a crafted packet.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-27T18:17:10.000000Z"}, {"uuid": "1536de96-d784-4ecf-8b3a-976383bf2f0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46394", "type": "seen", "source": "https://t.me/cibsecurity/73058", "content": "\u203c CVE-2023-46394 \u203c\n\nA stored cross-site scripting (XSS) vulnerability in /home/user/edit_submit of gougucms v4.08.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the headimgurl parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-27T18:17:09.000000Z"}]}