{"vulnerability": "CVE-2023-5226", "sightings": [{"uuid": "502cac40-97ea-4a93-a8d1-49de38becf18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5226", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17251", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-5226\n\ud83d\udd25 CVSS Score: 4.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N)\n\ud83d\udd39 Description: An issue has been discovered in GitLab affecting all versions before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. Under certain circumstances, a malicious actor bypass prohibited branch checks using a specially crafted branch name to manipulate repository content in the UI.\n\ud83d\udccf Published: 2023-12-01T07:01:43.131Z\n\ud83d\udccf Modified: 2025-05-22T04:09:21.302Z\n\ud83d\udd17 References:\n1. https://gitlab.com/gitlab-org/gitlab/-/issues/426400\n2. https://hackerone.com/reports/2173053", "creation_timestamp": "2025-05-22T04:44:28.000000Z"}, {"uuid": "39d32017-3912-420b-9f5c-1c645b997e6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52267", "type": "seen", "source": "https://t.me/arpsyndicate/2602", "content": "#ExploitObserverAlert\n\nCVE-2023-52267\n\nDESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-52267. ehttp 1.0.6 before 17405b9 has a simple_log.cpp _log out-of-bounds-read during error logging for long strings.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-01-07T01:48:40.000000Z"}, {"uuid": "9919dade-4e7d-4e28-8e2a-61697a31e254", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52266", "type": "seen", "source": "https://t.me/arpsyndicate/2633", "content": "#ExploitObserverAlert\n\nCVE-2023-52266\n\nDESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-52266. ehttp 1.0.6 before 17405b9 has an epoll_socket.cpp read_func use-after-free. An attacker can make many connections over a short time to trigger this.\n\nFIRST-EPSS: 0.000500000", "creation_timestamp": "2024-01-07T09:13:32.000000Z"}, {"uuid": "a24de9c1-b138-4745-a797-e8564fea436a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52263", "type": "seen", "source": "https://t.me/cibsecurity/74044", "content": "\u203c\ufe0fCVE-2023-52263\u203c\ufe0f\n\nBrave Browser before 1.59.40 does not properly restrict the schema for WebUI factory and redirect. This is related to browserbravecontentbrowserclient.cc and browseruiwebuibravewebuicontrollerfactory.cc.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-31T01:33:04.000000Z"}, {"uuid": "8bdb7d07-f128-416c-a83a-132710aef7cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52269", "type": "seen", "source": "https://t.me/cibsecurity/74050", "content": "\u203c\ufe0fCVE-2023-52269\u203c\ufe0f\n\nMDaemon SecurityGateway through 9.0.3 allows XSS via a crafted Message Content Filtering rule. This might allow domain administrators to conduct attacks against global administrators.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-01T01:30:35.000000Z"}, {"uuid": "32ae7f12-fd9c-4c8b-bec1-e18c89170159", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52267", "type": "seen", "source": "https://t.me/cibsecurity/74049", "content": "\u203c\ufe0fCVE-2023-52267\u203c\ufe0f\n\nehttp 1.0.6 before 17405b9 has a simplelog.cpp log outofboundsread during error logging for long strings.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-31T07:45:04.000000Z"}, {"uuid": "f499dc17-f33b-40fe-bc03-013dd3310e9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52266", "type": "seen", "source": "https://t.me/cibsecurity/74048", "content": "\u203c\ufe0fCVE-2023-52266\u203c\ufe0f\n\nehttp 1.0.6 before 17405b9 has an epollsocket.cpp readfunc useafterfree. An attacker can make many connections over a short time to trigger this.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-31T07:39:37.000000Z"}, {"uuid": "4f595fc0-425e-41c0-9591-4b969f0e6869", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52265", "type": "seen", "source": "https://t.me/cibsecurity/74047", "content": "\u203c\ufe0fCVE-2023-52265\u203c\ufe0f\n\nIDURAR aka idurarerpcrm through 2.0.1 allows stored XSS via a PATCH request with a crafted JSON email template in the apiemailupdate data.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-31T01:33:19.000000Z"}, {"uuid": "8ba050ec-6600-495b-9623-20d317935f38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52264", "type": "seen", "source": "https://t.me/cibsecurity/74046", "content": "\u203c\ufe0fCVE-2023-52264\u203c\ufe0f\n\nThe beesblog aka Bees Blog component before 1.6.2 for thirty bees allows Reflected XSS because controllersfrontpost.php sharingurl is mishandled.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-31T01:33:14.000000Z"}, {"uuid": "bd16331e-3bb7-4e66-9b4e-153b07d8bc61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52262", "type": "seen", "source": "https://t.me/cibsecurity/74043", "content": "\u203c\ufe0fCVE-2023-52262\u203c\ufe0f\n\noutdoorbits littlebackupbox aka Little Backup Box before f39f91c allows remote attackers to execute arbitrary code because the PHP extract function is used for untrusted input.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-31T01:32:59.000000Z"}, {"uuid": "9cf00efa-0ef7-4696-ac0a-e4429bc58c4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52263", "type": "seen", "source": "https://t.me/ctinow/171042", "content": "https://ift.tt/L3HaZKQ\nCVE-2023-52263 | Brave Browser prior 1.59.40 WebUI brave_content_browser_client.cc redirect (Issue 32449)", "creation_timestamp": "2024-01-22T09:11:19.000000Z"}, {"uuid": "3239b953-0c58-4d89-936d-133de4c53c95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52262", "type": "seen", "source": "https://t.me/ctinow/171041", "content": "https://ift.tt/0igUsGv\nCVE-2023-52262 | outdoorbits little-backup-box extract Privilege Escalation", "creation_timestamp": "2024-01-22T09:11:18.000000Z"}, {"uuid": "9d082c7a-5f93-4be7-83ee-3d462ea148e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52265", "type": "seen", "source": "https://t.me/ctinow/171057", "content": "https://ift.tt/zdIXgkL\nCVE-2023-52265 | IDURAR up to 2.0.1 PATCH Request /api/email/update cross site scripting", "creation_timestamp": "2024-01-22T09:41:38.000000Z"}, {"uuid": "665f92d7-5a19-4a21-93a0-07f2aebc711d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52269", "type": "seen", "source": "https://t.me/ctinow/171056", "content": "https://ift.tt/FwuJtBp\nCVE-2023-52269 | MDaemon Security Gateway up to 9.0.3 Message Content Filtering Rule cross site scripting", "creation_timestamp": "2024-01-22T09:41:37.000000Z"}, {"uuid": "1a32e2cf-0de2-4405-9acb-d7a30381fc52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52266", "type": "seen", "source": "https://t.me/ctinow/171055", "content": "https://ift.tt/Avij1ar\nCVE-2023-52266 | ehttp up to 1.0.5 epoll_socket.cpp read_func use after free (Issue 38)", "creation_timestamp": "2024-01-22T09:41:36.000000Z"}, {"uuid": "b048f313-a778-4c9f-8beb-bd0d4825c12d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52264", "type": "seen", "source": "https://t.me/ctinow/171054", "content": "https://ift.tt/YIT5Qx6\nCVE-2023-52264 | beesblog up to 1.6.1 post.php sharing_url cross site scripting", "creation_timestamp": "2024-01-22T09:41:35.000000Z"}, {"uuid": "f084e6d6-0262-42c7-9d26-938774d7e8bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52267", "type": "seen", "source": "https://t.me/ctinow/171051", "content": "https://ift.tt/8Kb4XI6\nCVE-2023-52267 | ehttp up to 1.0.6 simple_log.cpp out-of-bounds (Issue 38)", "creation_timestamp": "2024-01-22T09:41:32.000000Z"}, {"uuid": "238705ad-67a2-44a6-8baa-99e9b5496595", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52266", "type": "seen", "source": "https://t.me/ctinow/165484", "content": "https://ift.tt/hrWHgqZ\nCVE-2023-52266 Exploit", "creation_timestamp": "2024-01-10T01:16:49.000000Z"}, {"uuid": "00ed34c3-7efc-4f23-b87b-4553aa987582", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52267", "type": "seen", "source": "https://t.me/ctinow/165485", "content": "https://ift.tt/0bsfBth\nCVE-2023-52267 Exploit", "creation_timestamp": "2024-01-10T01:16:53.000000Z"}, {"uuid": "f2243d15-2ccd-44a4-8aa2-ae6a9eddfcb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52263", "type": "seen", "source": "https://t.me/ctinow/160961", "content": "https://ift.tt/3M5H1JK\nCVE-2023-52263", "creation_timestamp": "2023-12-30T20:26:21.000000Z"}, {"uuid": "9d2a76ac-1a64-4da8-b601-81f083a085d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52262", "type": "seen", "source": "https://t.me/ctinow/160960", "content": "https://ift.tt/oMKZrxz\nCVE-2023-52262", "creation_timestamp": "2023-12-30T20:26:19.000000Z"}, {"uuid": "f07a5c74-f1fc-4185-8667-8de03230fb09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52269", "type": "seen", "source": "https://t.me/ctinow/160980", "content": "https://ift.tt/U6Z7815\nCVE-2023-52269", "creation_timestamp": "2023-12-31T02:26:31.000000Z"}, {"uuid": "aac0673d-494d-4341-9599-1fe8588a0b6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52267", "type": "seen", "source": "https://t.me/ctinow/160978", "content": "https://ift.tt/qAnHpl8\nCVE-2023-52267", "creation_timestamp": "2023-12-31T01:26:18.000000Z"}, {"uuid": "d391786f-6293-455f-b9f6-df858d8ffcbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52266", "type": "seen", "source": "https://t.me/ctinow/160977", "content": "https://ift.tt/iD2Bv5X\nCVE-2023-52266", "creation_timestamp": "2023-12-31T01:26:17.000000Z"}, {"uuid": "be386cf8-31c0-4c38-93f9-e5bdc64d564e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52265", "type": "seen", "source": "https://t.me/ctinow/160974", "content": "https://ift.tt/b8ifVLG\nCVE-2023-52265", "creation_timestamp": "2023-12-31T00:26:23.000000Z"}, {"uuid": "8b002278-e556-4bff-acd3-c1a55f87c1c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52264", "type": "seen", "source": "https://t.me/ctinow/160973", "content": "https://ift.tt/XmP0ntS\nCVE-2023-52264", "creation_timestamp": "2023-12-31T00:26:22.000000Z"}, {"uuid": "eac6c5f3-fac4-4a42-86ab-f4b37dfefc0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52269", "type": "seen", "source": "https://t.me/ctinow/163808", "content": "https://ift.tt/twnKkR0\nCVE-2023-52269 Exploit", "creation_timestamp": "2024-01-06T04:16:13.000000Z"}, {"uuid": "13b4337a-dde2-4634-af6f-6dad73ccd362", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5226", "type": "seen", "source": "https://t.me/ctinow/157862", "content": "https://ift.tt/CjZkVd1\nCVE-2023-5226 | GitLab prior 16.4.3/16.5.3/16.6.1 Branch Check code injection (Issue 42640)", "creation_timestamp": "2023-12-21T18:11:53.000000Z"}]}