{"vulnerability": "CVE-2024-5692", "sightings": [{"uuid": "6f6f4c74-1231-4a4d-9d78-36bd5c401639", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56923", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgebyvdglo2t", "content": "", "creation_timestamp": "2025-01-22T21:15:21.796341Z"}, {"uuid": "00d8646c-a406-480b-b761-e492c050f38b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56924", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgebyxmka72j", "content": "", "creation_timestamp": "2025-01-22T21:15:24.029031Z"}, {"uuid": "c8dea9d2-c35e-449e-9747-fcb3c956ae9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56923", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgedf2og3u2k", "content": "", "creation_timestamp": "2025-01-22T21:40:03.432497Z"}, {"uuid": "ece5de3c-21ff-4b4a-bf88-dfb07d5f5a83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56924", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgedf2xwbl2w", "content": "", "creation_timestamp": "2025-01-22T21:40:04.149570Z"}, {"uuid": "ec4de2b0-8a33-4c18-b3de-a2b3287ba5f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56921", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113941668027673601", "content": "", "creation_timestamp": "2025-02-03T19:44:38.365811Z"}, {"uuid": "92f68840-ee25-477e-b560-e4081b1d562e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56921", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhceceluqv2w", "content": "", "creation_timestamp": "2025-02-03T20:16:19.090839Z"}, {"uuid": "4ec48736-e570-494b-b71d-cdb4ebfb0a71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56923", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2655", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56923\n\ud83d\udd39 Description: Stored Cross-Site Scripting (XSS) in the Categorization Option of My Subscriptions Functionality in Silverpeas Core 6.4.1 allows a remote attacker to execute arbitrary JavaScript code. This is achieved by injecting a malicious payload into the Name field of a subscription. The attack can lead to session hijacking, data theft, or unauthorized actions when an admin user views the affected subscription.\n\ud83d\udccf Published: 2025-01-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-22T20:18:19.826Z\n\ud83d\udd17 References:\n1. https://github.com/Mohamed-Saqib-C/CVEs/blob/main/CVE-2024-56923/README.md", "creation_timestamp": "2025-01-22T21:02:18.000000Z"}, {"uuid": "a4dcf7db-d212-4f6a-bd8f-369eb407f276", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56924", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2653", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56924\n\ud83d\udd39 Description: A Cross Site Request Forgery (CSRF) vulnerability in Code Astro Internet banking system 2.0.0 allows remote attackers to execute arbitrary JavaScript on the admin page (pages_account), potentially leading to unauthorized actions such as changing account settings or stealing sensitive user information. This vulnerability occurs due to improper validation of user requests, which enables attackers to exploit the system by tricking the admin user into executing malicious scripts.\n\ud83d\udccf Published: 2025-01-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-22T20:20:24.023Z\n\ud83d\udd17 References:\n1. https://github.com/ipratheep/CVE-2024-56924", "creation_timestamp": "2025-01-22T21:02:16.000000Z"}, {"uuid": "20860600-70f9-44a9-82b8-40d70608aa30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56924", "type": "seen", "source": "https://t.me/cvedetector/16144", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56924 - Code Astro Internet Banking System CSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56924 \nPublished : Jan. 22, 2025, 9:15 p.m. | 43\u00a0minutes ago \nDescription : A Cross Site Request Forgery (CSRF) vulnerability in Code Astro Internet banking system 2.0.0 allows remote attackers to execute arbitrary JavaScript on the admin page (pages_account), potentially leading to unauthorized actions such as changing account settings or stealing sensitive user information. This vulnerability occurs due to improper validation of user requests, which enables attackers to exploit the system by tricking the admin user into executing malicious scripts. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T23:05:38.000000Z"}, {"uuid": "fbf4e4f9-fbf8-4ce6-a38a-014b66d320de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56921", "type": "seen", "source": "https://t.me/cvedetector/17112", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56921 - Open5gs AMF Packet Handling Remote Crash Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56921 \nPublished : Feb. 3, 2025, 8:15 p.m. | 22\u00a0minutes ago \nDescription : An issue was discovered in Open5gs v2.7.2. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of gmm_state_exception() function upon receipt of the Nausf_UEAuthentication_Authenticate response. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-03T22:00:12.000000Z"}, {"uuid": "24302218-0804-4f9b-9ede-6788427538ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56923", "type": "seen", "source": "https://t.me/cvedetector/16143", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56923 - Silverpeas Core Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56923 \nPublished : Jan. 22, 2025, 9:15 p.m. | 43\u00a0minutes ago \nDescription : Stored Cross-Site Scripting (XSS) in the Categorization Option of My Subscriptions Functionality in Silverpeas Core 6.4.1 allows a remote attacker to execute arbitrary JavaScript code. This is achieved by injecting a malicious payload into the Name field of a subscription. The attack can lead to session hijacking, data theft, or unauthorized actions when an admin user views the affected subscription. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T23:05:37.000000Z"}]}