{"vulnerability": "CVE-2023-5480", "sightings": [{"uuid": "c170159f-767d-4e34-9768-00df0dddb125", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5480", "type": "published-proof-of-concept", "source": "Telegram/4fcw4fF1XAek5Z_YyBUw9CKq4XIKJmpXAJBs7WYuWVXt1Q", "content": "", "creation_timestamp": "2024-01-28T17:22:16.000000Z"}, {"uuid": "c51aec46-5ea6-4648-ac11-cc4194e6bd5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5480", "type": "seen", "source": "https://t.me/slonser_notes/880", "content": "Portswigger \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0433\u043e\u043b\u043e\u0441\u043e\u0432\u0430\u043d\u0438\u0435 \u0437\u0430 \u0442\u043e\u043f \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0439 2024 \u0433\u043e\u0434\u0430.\n\u0422\u0430\u043c \u043d\u043e\u043c\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u043f\u043e\u043c\u0438\u043c\u043e \u043f\u0440\u043e\u0447\u0435\u0433\u043e 2 \u043c\u043e\u0438\u0445 \u0441\u0442\u0430\u0442\u044c\u0438\nCVE-2023-5480: Chrome new XSS Vector \nOld new email attacks \n\u0422\u0430\u043a \u0436\u0435 \u0441\u043e\u0432\u0435\u0442\u0443\u044e \u043e\u0431\u0440\u0430\u0442\u0438\u0442\u044c \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043d\u0430 Exploring the DOMPurify library: Bypasses and Fixes \u043e\u0442 K\u00e9vin Mizu\n\u041d\u0443 \u0438 \u0432 \u0446\u0435\u043b\u043e\u043c \u043e\u0433\u0440\u043e\u043c\u043d\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b\u0430, \u043c\u043d\u043e\u0433\u043e\u0435 \u043c\u043e\u0433\u043b\u0438 \u043f\u0440\u043e\u043f\u0443\u0441\u0442\u0438\u0442\u044c, \u0442\u0430\u043a \u0447\u0442\u043e \u0447\u0438\u0442\u0430\u0435\u043c \u0438 \u0433\u043e\u043b\u043e\u0441\u0443\u0435\u043c!\n\n\u0427\u0438\u0442\u0430\u0442\u044c \u0438 \u0433\u043e\u043b\u043e\u0441\u043e\u0432\u0430\u0442\u044c \u0442\u0443\u0442.", "creation_timestamp": "2025-01-15T16:00:30.000000Z"}, {"uuid": "9ae18ae3-b61a-4a87-8696-1ff108947728", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5480", "type": "seen", "source": "https://t.me/slonser_notes/829", "content": "CVE-2023-5480\nSeverity: High\nBounty: 16000$\n\u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u043c \u0445\u0440\u043e\u043c\u044b\nhttps://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html", "creation_timestamp": "2023-10-31T21:09:25.000000Z"}, {"uuid": "a69ec859-ec56-4a2f-8dad-fb5ae43a5206", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5480", "type": "seen", "source": "https://t.me/cibsecurity/73382", "content": "\u203c CVE-2023-5480 \u203c\n\nInappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. (Chromium security severity: High)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-01T21:22:18.000000Z"}, {"uuid": "c59a9a53-49d0-4193-bbcd-a75eed689d1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5480", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9883", "content": "#exploit\n1. CVE-2023-6246:\nHeap-based buffer overflow in the glibc's syslog()\nhttps://www.openwall.com/lists/oss-security/2024/01/30/6\n\n2. CVE-2023-5480:\nChrome XSS\nhttps://blog.slonser.info/posts/cve-2023-5480\n\n3. CVE-2023-35636:\nOutlook Information Disclosure\nhttps://github.com/duy-31/CVE-2023-35636", "creation_timestamp": "2024-01-31T10:59:01.000000Z"}, {"uuid": "89fe09cc-2250-45f8-8577-04b38666e729", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5480", "type": "seen", "source": "Telegram/cT02yvzMFi99VhMUXzXmr472URxBVRNGH6wGhnaCKWvZKpM", "content": "", "creation_timestamp": "2023-11-01T05:37:39.000000Z"}]}