{"vulnerability": "CVE-2024-53995", "sightings": [{"uuid": "f79ebede-f940-4ac3-b789-21349e662657", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53995", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113794702049318099", "content": "", "creation_timestamp": "2025-01-08T20:49:17.462620Z"}, {"uuid": "366b22e1-fa4d-4c37-8d3b-5b6be7dd8b62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53995", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfb3incelu27", "content": "", "creation_timestamp": "2025-01-08T21:15:42.794789Z"}, {"uuid": "2da88b30-97ab-41d8-acf5-5632db409d01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53995", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfb5cz3ykd2k", "content": "", "creation_timestamp": "2025-01-08T21:48:21.323914Z"}, {"uuid": "bce04eed-ee80-466c-bf72-b3ce3cc6d2d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53995", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m6fpxidtz72w", "content": "", "creation_timestamp": "2025-11-24T21:02:25.785466Z"}, {"uuid": "943cd9e0-a197-4c15-b559-7502390691bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53995", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-53995.yaml", "content": "", "creation_timestamp": "2025-11-20T15:27:28.000000Z"}, {"uuid": "c9e9a7e7-32bb-4868-8691-a721409c5373", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53995", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/837", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-53995\n\ud83d\udd39 Description: SickChill is an automatic video library manager for TV shows. A user-controlled `login` endpoint's `next_` parameter takes arbitrary content. Prior to commit c7128a8946c3701df95c285810eb75b2de18bf82, an authenticated attacker may use this to redirect the user to arbitrary destinations, leading to open redirect. Commit c7128a8946c3701df95c285810eb75b2de18bf82 changes the login page to redirect to `settings.DEFAULT_PAGE` instead of to the `next` parameter.\n\ud83d\udccf Published: 2025-01-08T20:44:53.785Z\n\ud83d\udccf Modified: 2025-01-08T20:44:53.785Z\n\ud83d\udd17 References:\n1. https://securitylab.github.com/advisories/GHSL-2024-283_GHSL-2024-291_sickchill_sickchill/\n2. https://github.com/SickChill/sickchill/pull/8811\n3. https://github.com/SickChill/sickchill/commit/c7128a8946c3701df95c285810eb75b2de18bf82\n4. https://github.com/SickChill/sickchill/blob/846adafdfab579281353ea08a27bbb813f9a9872/sickchill/views/authentication.py#L33", "creation_timestamp": "2025-01-08T21:13:41.000000Z"}, {"uuid": "b2771d86-8d31-498a-9ba6-671aa24d3112", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53995", "type": "seen", "source": "https://t.me/cvedetector/14740", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-53995 - SickChill Open Redirect Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-53995 \nPublished : Jan. 8, 2025, 9:15 p.m. | 36\u00a0minutes ago \nDescription : SickChill is an automatic video library manager for TV shows. A user-controlled `login` endpoint's `next_` parameter takes arbitrary content. Prior to commit c7128a8946c3701df95c285810eb75b2de18bf82, an authenticated attacker may use this to redirect the user to arbitrary destinations, leading to open redirect. Commit c7128a8946c3701df95c285810eb75b2de18bf82 changes the login page to redirect to `settings.DEFAULT_PAGE` instead of to the `next` parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-08T23:21:23.000000Z"}]}