{"vulnerability": "CVE-2023-6359", "sightings": [{"uuid": "1eb3c320-eb9a-4695-b05b-c88634b0caf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-6359", "type": "seen", "source": "https://t.me/ctinow/155656", "content": "https://ift.tt/hfvuV91\nCVE-2023-6359 | Alumne LMS 4.0.0.1.08 /users/editmy localidad cross site scripting", "creation_timestamp": "2023-12-17T19:17:46.000000Z"}, {"uuid": "a42aaf06-dc0d-41ca-8324-16953457d6fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-6359", "type": "seen", "source": "https://t.me/arpsyndicate/805", "content": "#ExploitObserverAlert\n\nCVE-2023-6359\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-6359. A Cross-Site Scripting (XSS) vulnerability has been found in Alumne LMS affecting version 4.0.0.1.08. An attacker could exploit the 'localidad' parameter to inject a custom JavaScript payload and partially take over another user's browser session, due to the lack of proper sanitisation of the 'localidad' field on the /users/editmy page.", "creation_timestamp": "2023-11-30T09:01:40.000000Z"}]}