{"vulnerability": "CVE-2023-52085", "sightings": [{"uuid": "fee4721f-c8df-491b-9be2-245b0233d881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52085", "type": "seen", "source": "https://t.me/ctinow/160271", "content": "https://ift.tt/zwPvUnZ\nCVE-2023-52085", "creation_timestamp": "2023-12-29T01:26:47.000000Z"}, {"uuid": "0a6c78a4-a1ed-4aab-8645-49e18f04b7d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52085", "type": "seen", "source": "https://t.me/arpsyndicate/3417", "content": "#ExploitObserverAlert\n\nPD/http/cves/2023/CVE-2023-52085\n\nDESCRIPTION: Exploit Observer has 4 entries in 4 file formats related to PD/http/cves/2023/CVE-2023-52085. Winter is a free, open-source content management system. Users with access to backend forms that include a ColorPicker FormWidget can provide a value that would then be included without further processing in the compilation of custom stylesheets via LESS. This had the potential to lead to a Local File Inclusion vulnerability. This issue has been patched in v1.2.4.", "creation_timestamp": "2024-02-11T15:08:13.000000Z"}, {"uuid": "bac6eda2-f929-43af-8917-5c7afe9aabf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52085", "type": "seen", "source": "https://t.me/ctinow/170652", "content": "https://ift.tt/HWb9g4e\nCVE-2023-52085 | Winter CMS up to 1.2.3 ColorPicker FormWidget path traversal (GHSA-2x7r-93ww-cxrq)", "creation_timestamp": "2024-01-20T15:17:17.000000Z"}]}