{"vulnerability": "CVE-2024-2072", "sightings": [{"uuid": "e1812709-61f8-45c7-9914-5930fe00fcc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "seen", "source": "https://bsky.app/profile/saveam.bsky.social/post/3ljrc7ef55k2v", "content": "", "creation_timestamp": "2025-03-07T05:44:38.611840Z"}, {"uuid": "27c610dc-3767-45b8-9a89-d067f53c017f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "seen", "source": "https://bsky.app/profile/saveam.bsky.social/post/3ljrc7eetf22v", "content": "", "creation_timestamp": "2025-03-07T05:44:37.495526Z"}, {"uuid": "b7ecad65-bd6a-4622-a424-cc175fdd17e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "seen", "source": "https://bsky.app/profile/saveam.bsky.social/post/3ljrc7ef55l2v", "content": "", "creation_timestamp": "2025-03-07T05:44:39.164135Z"}, {"uuid": "54fa0850-2285-4bee-803d-2b21719b618b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "seen", "source": "https://bsky.app/profile/saveam.bsky.social/post/3ljrc7ef55m2v", "content": "", "creation_timestamp": "2025-03-07T05:44:39.722840Z"}, {"uuid": "d377b033-bc0d-4f37-a2d8-06e559113eba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "exploited", "source": "Telegram/syCgYgg3a3_tK6AmcOKj-edady37WxjkMKS7DWkjNBDzkgU", "content": "", "creation_timestamp": "2024-04-06T12:53:22.000000Z"}, {"uuid": "a6172d8e-3e22-44eb-9593-fb75b156205e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "seen", "source": "https://bsky.app/profile/saveam.bsky.social/post/3ljrc7ef46c2v", "content": "", "creation_timestamp": "2025-03-07T05:44:38.046216Z"}, {"uuid": "bb46f10f-09ca-40aa-a944-836283a7cc20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "seen", "source": "https://t.me/itsec_news/5097", "content": "\u200b\u26a1\ufe0fGoogle Tag Manager \u0441\u0442\u0430\u043b \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u043c \u043a\u0440\u0430\u0436\u0438 \u0431\u0430\u043d\u043a\u043e\u0432\u0441\u043a\u0438\u0445 \u0434\u0430\u043d\u043d\u044b\u0445\n\n\ud83d\udcac\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043d\u043e\u0432\u043e\u043c\u0443 \u043e\u0442\u0447\u0435\u0442\u0443 Trustwave, \u0432 \u043f\u0440\u0435\u0434\u0434\u0432\u0435\u0440\u0438\u0438 \u043f\u0440\u0430\u0437\u0434\u043d\u0438\u0447\u043d\u043e\u0433\u043e \u0441\u0435\u0437\u043e\u043d\u0430 \u0445\u0430\u043a\u0435\u0440\u044b \u0430\u043a\u0442\u0438\u0432\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0441\u0430\u0439\u0442\u044b \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043a\u043e\u043c\u043c\u0435\u0440\u0446\u0438\u0438 \u0441 \u0446\u0435\u043b\u044c\u044e \u043a\u0440\u0430\u0436\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u0431\u0430\u043d\u043a\u043e\u0432\u0441\u043a\u0438\u0445 \u043a\u0430\u0440\u0442 \u0438 \u043b\u0438\u0447\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438. \u0410\u0442\u0430\u043a\u0438 Magecart, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u043d\u0430\u0447\u0430\u043b\u0438 \u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0432 2015 \u0433\u043e\u0434\u0443, \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0445 \u0443\u0433\u0440\u043e\u0437 \u0434\u043b\u044f \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u0432 \u043e\u043d\u043b\u0430\u0439\u043d-\u043c\u0430\u0433\u0430\u0437\u0438\u043d\u043e\u0432.\n\nMagecart \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Magento, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u043e\u0441\u0442\u0440\u043e\u0435\u043d\u044b \u0442\u044b\u0441\u044f\u0447\u0438 \u043e\u043d\u043b\u0430\u0439\u043d-\u043c\u0430\u0433\u0430\u0437\u0438\u043d\u043e\u0432 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443. \u041f\u0430\u043d\u0434\u0435\u043c\u0438\u044f 2020 \u0433\u043e\u0434\u0430 \u0443\u0441\u0438\u043b\u0438\u043b\u0430 \u0443\u0433\u0440\u043e\u0437\u0443, \u0442\u0430\u043a \u043a\u0430\u043a \u043f\u0435\u0440\u0435\u0445\u043e\u0434 \u043d\u0430 \u043e\u043d\u043b\u0430\u0439\u043d-\u043f\u043e\u043a\u0443\u043f\u043a\u0438 \u0440\u0430\u0441\u0448\u0438\u0440\u0438\u043b \u043f\u043e\u0432\u0435\u0440\u0445\u043d\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a.\n\n\u0425\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043c\u0435\u0442\u043e\u0434\u044b \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0430\u0439\u0442\u0430\u043c. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435, \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u0441\u0435\u0440\u0432\u0438\u0441\u0430\u0445 \u0438\u043b\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 \u0441\u0430\u0439\u0442\u0430. \u0412 2024 \u0433\u043e\u0434\u0443 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\n\nCVE-2024-20720 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.1) \u2014 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Magento, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0432\u0448\u0430\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b. \u0410\u0442\u0430\u043a\u0438 \u043d\u0430\u0447\u0430\u043b\u0438\u0441\u044c \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 2024 \u0433\u043e\u0434\u0430, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u043b\u043e \u043a \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u043c \u0432\u0437\u043b\u043e\u043c\u0430\u043c \u0441\u0430\u0439\u0442\u043e\u0432.\nCosmicSting ( CVE-2024-34102 \u0438 CVE-2024-2961 ) \u2014 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432. \u041a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0430 \u0434\u043e 75% \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c Adobe Commerce \u0438 Magento.\n\u041f\u043e\u0441\u043b\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0445\u0430\u043a\u0435\u0440\u044b \u0432\u043d\u0435\u0434\u0440\u044f\u044e\u0442 \u0441\u043a\u0438\u043c\u043c\u0435\u0440\u044b \u043d\u0430 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0435 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b \u0441\u0430\u0439\u0442\u043e\u0432, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b \u043e\u0444\u043e\u0440\u043c\u043b\u0435\u043d\u0438\u044f \u0437\u0430\u043a\u0430\u0437\u043e\u0432. \u0421\u043a\u0440\u0438\u043f\u0442\u044b \u0441\u043e\u0431\u0438\u0440\u0430\u044e\u0442 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043d\u043e\u043c\u0435\u0440\u0430 \u043a\u0430\u0440\u0442 \u0438 CVV-\u043a\u043e\u0434\u044b.\n\n\u0412 2024 \u0433\u043e\u0434\u0443 \u0443\u0447\u0430\u0441\u0442\u0438\u043b\u0438\u0441\u044c \u0441\u043b\u0443\u0447\u0430\u0438 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044f \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u043c Google Tag Manager (GTM), \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u043c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c\u0438 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u043e\u043c. \u0425\u0430\u043a\u0435\u0440\u044b \u0441\u043e\u0437\u0434\u0430\u044e\u0442 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u044b GTM \u0438 \u0432\u043d\u0435\u0434\u0440\u044f\u044e\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0441\u043a\u0440\u0438\u043f\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0442\u0435\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044e\u0442\u0441\u044f \u043d\u0430 \u0437\u0430\u0440\u0430\u0436\u0451\u043d\u043d\u044b\u0445 \u0441\u0430\u0439\u0442\u0430\u0445. \u0422\u0430\u043a\u043e\u0439 \u043c\u0435\u0442\u043e\u0434 \u0442\u0440\u0443\u0434\u043d\u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c, \u0442\u0430\u043a \u043a\u0430\u043a GTM \u043a\u0430\u0436\u0435\u0442\u0441\u044f \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u043c.\n\n\u0421\u043e\u0431\u0440\u0430\u043d\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0435\u0440\u0435\u0434\u0430\u044e\u0442\u0441\u044f \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0438 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f WebSocket. \u0427\u0430\u0441\u0442\u043e \u0434\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u0434\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432 \u0444\u043e\u0440\u043c\u0430\u0442\u0435 Base64 \u0434\u043b\u044f \u0443\u0441\u043b\u043e\u0436\u043d\u0435\u043d\u0438\u044f \u0430\u043d\u0430\u043b\u0438\u0437\u0430.\n\n\u0414\u043b\u044f \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u0438 \u0440\u0438\u0441\u043a\u043e\u0432 \u0430\u0442\u0430\u043a Magecart \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f:\n\n\u0421\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0438 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f;\n\u041e\u0442\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u043d\u0435\u043d\u0443\u0436\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b \u0438 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0435 \u0441\u043a\u0440\u0438\u043f\u0442\u044b;\n\u041d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c Content Security Policy (CSP) \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043d\u0435\u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u044b\u0445 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432;\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Subresource Integrity (SRI) \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u043c\u044b\u0445 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432;\n\u041f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u044b\u0439 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0439.\n\u0410\u0442\u0430\u043a\u0438 Magecart \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u0437\u043d\u0430\u0447\u0438\u043c\u043e\u0439 \u0443\u0433\u0440\u043e\u0437\u043e\u0439, \u0438 \u0437\u0430\u0449\u0438\u0442\u0430 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u043e\u0433\u043e \u043f\u043e\u0434\u0445\u043e\u0434\u0430.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-01-10T11:40:31.000000Z"}, {"uuid": "1ef87f98-7e90-4619-b59f-4318894c5f3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "exploited", "source": "https://t.me/cKure/12688", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Magento Zero-Day abusing XML for persistence.\n\nThreat actors are exploiting critical Magento vulnerability CVE-2024-20720 to install a persistent backdoor on e-stores.\n\nSansec researchers observed threat actors are exploiting the recently disclosed Magento vulnerability CVE-2024-20720 to deploy a persistent backdoor on e-stores.\n\nhttps://securityaffairs.com/161534/hacking/magento-vulnerability-actively-exploited.html", "creation_timestamp": "2024-04-07T18:49:00.000000Z"}, {"uuid": "45b5d651-e958-44cb-9f17-9c59efc2f4ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "exploited", "source": "Telegram/23yZA3ScP8LiVmNHDujJc1j78iV9FP2T-o6YJbgSXL43CA", "content": "", "creation_timestamp": "2024-04-06T15:24:32.000000Z"}, {"uuid": "f98f2d3b-b38a-41c0-81d3-771232915022", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/5118", "content": "The Hacker News\nHackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites\n\nThreat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites.\nThe attack leverages&nbsp;CVE-2024-20720&nbsp;(CVSS score: 9.1), which has been described by Adobe as a case of \"improper neutralization of special elements\" that could pave the way for arbitrary code execution.\nIt was&nbsp;addressed&nbsp;by the company as part of", "creation_timestamp": "2024-04-06T15:24:33.000000Z"}, {"uuid": "bfd20fc7-729f-48ff-b64b-e083e2431777", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/960", "content": "The Hacker News\nHackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites\n\nThreat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites.\nThe attack leverages&nbsp;CVE-2024-20720&nbsp;(CVSS score: 9.1), which has been described by Adobe as a case of \"improper neutralization of special elements\" that could pave the way for arbitrary code execution.\nIt was&nbsp;addressed&nbsp;by the company as part of", "creation_timestamp": "2024-04-06T15:24:33.000000Z"}, {"uuid": "9742e3f3-5399-4ebd-9e97-27d80cfb0091", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "exploited", "source": "Telegram/9cBa9uSqnoPcoK6gUJtva5F8fQxfVYrkQbWAgOMLMgOJ3g", "content": "", "creation_timestamp": "2024-04-06T12:38:55.000000Z"}, {"uuid": "614b35d2-73b5-4785-9804-0cca3e85427e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "exploited", "source": "https://t.me/KomunitiSiber/1743", "content": "Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites\nhttps://thehackernews.com/2024/04/hackers-exploit-magento-bug-to-steal.html\n\nThreat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites.\nThe attack leverages\u00a0CVE-2024-20720\u00a0(CVSS score: 9.1), which has been described by Adobe as a case of \"improper neutralization of special elements\" that could pave the way for arbitrary code execution.\nIt was\u00a0addressed\u00a0by the company as part of", "creation_timestamp": "2024-04-06T12:40:40.000000Z"}, {"uuid": "8734c5e7-e2bb-4ba9-9963-86f82c311a1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2072", "type": "seen", "source": "https://t.me/ctinow/198309", "content": "https://ift.tt/kMZLPta\nCVE-2024-2072 | SourceCodester Flashcard Quiz App 1.0 update-flashcard.php question/answer cross site scripting", "creation_timestamp": "2024-03-02T10:41:18.000000Z"}, {"uuid": "d1994b76-5a2e-45a3-8e9b-6db44b2a1ac7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "seen", "source": "https://t.me/codeb0ss/1551", "content": "CVE-2024-20720\ud83c\udf37", "creation_timestamp": "2024-08-30T06:52:02.000000Z"}, {"uuid": "1331a63d-27ba-43b7-a097-4fae5854b88c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "seen", "source": "https://t.me/ctinow/214456", "content": "https://ift.tt/gWy0CKG\nCVE-2024-20720 Exploitation", "creation_timestamp": "2024-04-09T13:16:27.000000Z"}, {"uuid": "f095a540-7ad4-4c74-a2a2-8fdf9e4d8828", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2072", "type": "seen", "source": "https://t.me/ctinow/197882", "content": "https://ift.tt/Wh6dy5X\nCVE-2024-2072", "creation_timestamp": "2024-03-01T18:31:41.000000Z"}, {"uuid": "4b9ec3f4-a5e1-4fd2-9f0a-af1e29ceff16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20725", "type": "seen", "source": "https://t.me/ctinow/201119", "content": "https://ift.tt/uGK1oae\nCVE-2024-20725 | Adobe Substance 3D Painter up to 9.1.1 out-of-bounds (apsb24-04)", "creation_timestamp": "2024-03-06T08:41:50.000000Z"}, {"uuid": "03d00549-6318-4438-8f8c-ca05ef7ac0ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20724", "type": "seen", "source": "https://t.me/ctinow/201118", "content": "https://ift.tt/gXA8N2S\nCVE-2024-20724 | Adobe Substance 3D Painter up to 9.1.1 out-of-bounds (apsb24-04)", "creation_timestamp": "2024-03-06T08:41:49.000000Z"}, {"uuid": "e7c53d53-9173-49ba-81d8-f6d53b0ac183", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20722", "type": "seen", "source": "https://t.me/ctinow/201117", "content": "https://ift.tt/bylt98A\nCVE-2024-20722 | Adobe Substance 3D Painter up to 9.1.1 out-of-bounds (apsb24-04)", "creation_timestamp": "2024-03-06T08:41:48.000000Z"}, {"uuid": "2d9677b8-6740-4ea4-b215-3f16f7a9d2cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20728", "type": "seen", "source": "https://t.me/ctinow/185553", "content": "https://ift.tt/w2slFnT\nCVE-2024-20728", "creation_timestamp": "2024-02-15T14:32:08.000000Z"}, {"uuid": "f4cacd57-fa6c-413e-a1ef-6e4212b8925f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20727", "type": "seen", "source": "https://t.me/ctinow/185548", "content": "https://ift.tt/C3zmPnh\nCVE-2024-20727", "creation_timestamp": "2024-02-15T14:27:07.000000Z"}, {"uuid": "45a53906-556d-4c61-99e3-0a2c72a1f23c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20726", "type": "seen", "source": "https://t.me/ctinow/185547", "content": "https://ift.tt/kxpSoQa\nCVE-2024-20726", "creation_timestamp": "2024-02-15T14:27:06.000000Z"}, {"uuid": "310cf3d5-70d4-4287-baf0-26a4ff918ea3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20729", "type": "seen", "source": "https://t.me/ctinow/185554", "content": "https://ift.tt/Tu2hFsk\nCVE-2024-20729", "creation_timestamp": "2024-02-15T14:32:10.000000Z"}, {"uuid": "27e0730c-a3a0-404a-aedf-eb17edecf905", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20725", "type": "seen", "source": "https://t.me/ctinow/185452", "content": "https://ift.tt/a812sLx\nCVE-2024-20725", "creation_timestamp": "2024-02-15T12:26:13.000000Z"}, {"uuid": "76817962-90cf-4535-ab8b-750c6ac7ebaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20724", "type": "seen", "source": "https://t.me/ctinow/185451", "content": "https://ift.tt/bkIg05w\nCVE-2024-20724", "creation_timestamp": "2024-02-15T12:26:12.000000Z"}, {"uuid": "50768fe4-5472-401c-94b1-9e211af0d366", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20723", "type": "seen", "source": "https://t.me/ctinow/185450", "content": "https://ift.tt/ZaLde4P\nCVE-2024-20723", "creation_timestamp": "2024-02-15T12:26:11.000000Z"}, {"uuid": "4cd9452f-7945-4744-940d-9ced143df03f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20722", "type": "seen", "source": "https://t.me/ctinow/185449", "content": "https://ift.tt/qnxXHEr\nCVE-2024-20722", "creation_timestamp": "2024-02-15T12:26:10.000000Z"}, {"uuid": "3a180ea8-5ff0-4b9f-8070-2de53f116b2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "seen", "source": "https://t.me/ctinow/185616", "content": "https://ift.tt/NGYmRAL\nCVE-2024-20720", "creation_timestamp": "2024-02-15T15:31:42.000000Z"}, {"uuid": "5222adce-ff74-4cf6-9be4-be58b50f363b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20721", "type": "seen", "source": "https://t.me/ctinow/168370", "content": "https://ift.tt/xohWOGC\nCVE-2024-20721", "creation_timestamp": "2024-01-15T14:26:56.000000Z"}, {"uuid": "aa8e1b0b-1f9c-44e9-b94b-217e2befc9e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20721", "type": "seen", "source": "https://t.me/ctinow/178539", "content": "https://ift.tt/ryptYTS\nCVE-2024-20721 | Adobe Acrobat Reader up to 120.0.2210.91 on Edge denial of service", "creation_timestamp": "2024-02-03T12:46:31.000000Z"}, {"uuid": "bb090550-bd60-433e-9605-f3f98a0e3990", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "exploited", "source": "https://t.me/xakep_ru/15649", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Magento \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0441\u0430\u0439\u0442\u043e\u0432 \u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043c\u0430\u043b\u0432\u0430\u0440\u0438\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Sansec \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0443\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0441\u0432\u0435\u0436\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Magento (CVE-2024-20720) \u0438 \u0441 \u0435\u0435 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0432\u043d\u0435\u0434\u0440\u044f\u044e\u0442 \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 \u043d\u0430 e-commerce \u0441\u0430\u0439\u0442\u044b.\n\nhttps://xakep.ru/2024/04/08/magento-backdoored/", "creation_timestamp": "2024-04-08T13:44:24.000000Z"}, {"uuid": "f942e4c7-e9a9-40a0-ac80-ec9a19646b4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20720", "type": "exploited", "source": "https://t.me/thehackernews/4785", "content": "\u26a0\ufe0f ALERT: Exploit alert for Magento users! \n \nA critical flaw, CVE-2024-20720, allows threat actors to sneak a persistent backdoor into e-commerce sites and deploy skimmers to steal financial data. \n \nLearn more: https://thehackernews.com/2024/04/hackers-exploit-magento-bug-to-steal.html", "creation_timestamp": "2024-04-06T11:55:14.000000Z"}]}