{"vulnerability": "CVE-2023-2427", "sightings": [{"uuid": "8778308b-8fa3-443c-b0bd-3f0630778f51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2427", "type": "seen", "source": "https://t.me/cibsecurity/63389", "content": "\u203c CVE-2023-2427 \u203c\n\nCross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.13.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-05T22:25:11.000000Z"}, {"uuid": "f70207de-ef0a-4685-9dce-3c25e8cc6794", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-24279", "type": "seen", "source": "https://t.me/cibsecurity/59937", "content": "\u203c CVE-2023-24279 \u203c\n\nA cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-14T06:23:32.000000Z"}, {"uuid": "b0a2cc4d-5120-433d-85be-6318f85aa030", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-24276", "type": "seen", "source": "https://t.me/cibsecurity/57563", "content": "\u203c CVE-2023-24276 \u203c\n\nTOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the country parameter at setting/delStaticDhcpRules.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-06T18:23:43.000000Z"}, {"uuid": "9ea3d6e4-2d9d-46b9-9e91-8a794a4b9083", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-24278", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5585", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-24278\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Squidex before 7.4.0 was discovered to contain a squid.svg cross-site scripting (XSS) vulnerability.\n\ud83d\udccf Published: 2023-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-26T19:04:07.636Z\n\ud83d\udd17 References:\n1. https://www.openwall.com/lists/oss-security/2023/03/16/1\n2. https://census-labs.com/news/2023/03/16/reflected-xss-vulnerabilities-in-squidex-squidsvg-endpoint/", "creation_timestamp": "2025-02-26T19:24:17.000000Z"}, {"uuid": "f4af2e45-8e43-4181-904e-60565dff5059", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-24278", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lg4pub7dg52h", "content": "", "creation_timestamp": "2025-01-19T21:02:02.217775Z"}]}