{"vulnerability": "CVE-2023-5256", "sightings": [{"uuid": "8920d534-c1e3-427e-832b-ebef911c52a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5256", "type": "seen", "source": "MISP/0d24c235-404c-4e01-9b05-ca476517dd11", "content": "", "creation_timestamp": "2024-01-05T10:19:12.000000Z"}, {"uuid": "0e57edb9-a653-4219-8ee6-67e565c92112", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-52561", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "99f7bf19-dc42-40e3-8155-32f64e518585", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-52569", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "63adc7c4-175e-42b9-bdd4-5ad461363f47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2023-52561", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "244bc9ca-8c5a-45bd-8fa8-ba42905a16c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5256", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/36", "content": "\u2620\ufe0fCache poisoning in Drupal core\n \nAccording to the CVE-2023-5256 disclosure, you can cache admin session cookies by causing a 4xx response when visiting a crafted URL in JSON:API.\n\nYou can lure an admin using a link, steal his session cookies and gain administrative access to the website. In this way, an attacker can completely compromise the confidentiality, integrity and availability of the website.\n\nPoC\n\n/jsonapi/user/user?filter[a-labex][condition][path]=cachingyourcookie\n\n#web #cve #cache #drupal", "creation_timestamp": "2023-10-08T03:13:38.000000Z"}, {"uuid": "1bbe6733-5108-4486-9bd9-9ef93e2077eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5256", "type": "seen", "source": "https://t.me/cibsecurity/71222", "content": "\u203c CVE-2023-5256 \u203c\n\nIn certain scenarios, Drupal's JSON:API module will output error backtraces. With some configurations, this may cause sensitive information to be cached and made available to anonymous users, leading to privilege escalation.This vulnerability only affects sites with the JSON:API module enabled, and can be mitigated by uninstalling JSON:API.The core REST and contributed GraphQL modules are not affected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-28T22:36:59.000000Z"}, {"uuid": "225199af-8876-41d9-a315-7782a7cc407e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52560", "type": "seen", "source": "https://t.me/ctinow/199427", "content": "https://ift.tt/E4TkOn0\nCVE-2023-52560", "creation_timestamp": "2024-03-04T18:31:35.000000Z"}, {"uuid": "8f20f65f-3cc9-4f0e-abdc-670b444a86b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52562", "type": "seen", "source": "https://t.me/ctinow/199448", "content": "https://ift.tt/bRyTAXm\nCVE-2023-52562", "creation_timestamp": "2024-03-04T18:37:37.000000Z"}, {"uuid": "995f27f7-403c-46e8-956f-feb6dd628f93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52563", "type": "seen", "source": "https://t.me/ctinow/199447", "content": "https://ift.tt/bEp31Yl\nCVE-2023-52563", "creation_timestamp": "2024-03-04T18:37:36.000000Z"}, {"uuid": "3233f7a7-33cc-4b21-a9d9-31524592ae5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52564", "type": "seen", "source": "https://t.me/ctinow/199446", "content": "https://ift.tt/fhLyvV9\nCVE-2023-52564", "creation_timestamp": "2024-03-04T18:37:35.000000Z"}, {"uuid": "9b49a319-49c3-403c-b3d3-c458db4e4bd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52565", "type": "seen", "source": "https://t.me/ctinow/199445", "content": "https://ift.tt/PACsvKI\nCVE-2023-52565", "creation_timestamp": "2024-03-04T18:37:34.000000Z"}, {"uuid": "2d5c9cc7-2e98-49a0-b5ba-942d9ec2c553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52566", "type": "seen", "source": "https://t.me/ctinow/199444", "content": "https://ift.tt/VT9pbSg\nCVE-2023-52566", "creation_timestamp": "2024-03-04T18:37:32.000000Z"}, {"uuid": "88d1766c-1244-492c-b03c-7dc6f073deba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52567", "type": "seen", "source": "https://t.me/ctinow/199463", "content": "https://ift.tt/wSQC47z\nCVE-2023-52567", "creation_timestamp": "2024-03-04T19:01:52.000000Z"}, {"uuid": "6205bfa6-4efd-44d9-b625-dd84d66ed8cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52568", "type": "seen", "source": "https://t.me/ctinow/199462", "content": "https://ift.tt/RgcMZID\nCVE-2023-52568", "creation_timestamp": "2024-03-04T19:01:51.000000Z"}, {"uuid": "480425bb-a326-4551-be94-e28ac5e8822a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52569", "type": "seen", "source": "https://t.me/ctinow/199461", "content": "https://ift.tt/kDJnAv9\nCVE-2023-52569", "creation_timestamp": "2024-03-04T19:01:50.000000Z"}, {"uuid": "be4d6f98-e32e-4276-96e0-d61c3e632bf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52561", "type": "seen", "source": "https://t.me/ctinow/199449", "content": "https://ift.tt/TlbNBo1\nCVE-2023-52561", "creation_timestamp": "2024-03-04T18:37:38.000000Z"}]}