{"vulnerability": "CVE-2023-49964", "sightings": [{"uuid": "d7ec3e81-6b39-4748-846d-c40b3bac676c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49964", "type": "seen", "source": "https://t.me/ctinow/161298", "content": "https://ift.tt/v9M8DsS\nCVE-2023-49964 | Hyland Alfresco Community Edition up to 7.2.0 Template folder.get.html.ftl injection", "creation_timestamp": "2024-01-01T13:02:29.000000Z"}, {"uuid": "9e9f6abb-6d49-472c-90ed-d875d8eec644", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49964", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6122", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-49964: FreeMarker Server-Side Template Injection in Alfresco\nURL\uff1ahttps://github.com/mbadanoiu/CVE-2023-49964\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-09T11:00:14.000000Z"}, {"uuid": "b06df3c1-e28b-4514-88d0-9587c98a398f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49964", "type": "published-proof-of-concept", "source": "https://t.me/darkcommunityofficial/189", "content": "#exploit\n\n1. #SonicWall WXA - Authentication Bypass and #RCE Vulnerability\n\nhttps://www.praetorian.com/blog/sonicwall-wxa-authentication-bypass-and-rce-vulnerability\n\n2. #CVE-2023-49964:\nFreeMarker Server-Side Template Injection in #Alfresco\n\nhttps://github.com/mbadanoiu/CVE-2023-49964\n\n3. CVE-2022-21392:\n#LPE via NMR SUID in #Oracle Enterprise Manager\n\nhttps://github.com/mbadanoiu/CVE-2022-21392", "creation_timestamp": "2023-12-11T06:53:58.000000Z"}, {"uuid": "81f598ac-9413-4b89-b72a-03285ae943e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49964", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9557", "content": "#exploit\n1. SonicWall WXA - Authentication Bypass and RCE Vulnerability\nhttps://www.praetorian.com/blog/sonicwall-wxa-authentication-bypass-and-rce-vulnerability\n\n2. CVE-2023-49964:\nFreeMarker Server-Side Template Injection in Alfresco\nhttps://github.com/mbadanoiu/CVE-2023-49964\n\n3. CVE-2022-21392:\nLPE via NMR SUID in Oracle Enterprise Manager\nhttps://github.com/mbadanoiu/CVE-2022-21392", "creation_timestamp": "2023-12-10T12:43:01.000000Z"}, {"uuid": "435a4e45-c8e0-407b-b056-7e9a1b31ceb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49964", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2236", "content": "#exploit\n1. SonicWall WXA - Authentication Bypass and RCE Vulnerability\nhttps://www.praetorian.com/blog/sonicwall-wxa-authentication-bypass-and-rce-vulnerability\n\n2. CVE-2023-49964:\nFreeMarker Server-Side Template Injection in Alfresco\nhttps://github.com/mbadanoiu/CVE-2023-49964\n\n3. CVE-2022-21392:\nLPE via NMR SUID in Oracle Enterprise Manager\nhttps://github.com/mbadanoiu/CVE-2022-21392", "creation_timestamp": "2024-08-16T08:56:10.000000Z"}]}