{"vulnerability": "CVE-2023-2684", "sightings": [{"uuid": "366145e4-e81f-4930-b884-347752a09991", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26840", "type": "seen", "source": "https://t.me/cibsecurity/62790", "content": "\u203c CVE-2023-26840 \u203c\n\nA cross-site request forgery (CSRF) vulnerability in ChurchCRM v4.5.3 allows attackers to set a person to a user and set that user to be an Administrator.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-25T16:25:05.000000Z"}, {"uuid": "9e463030-7c67-4ddd-bdc2-df5f63a413b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26841", "type": "seen", "source": "https://t.me/cibsecurity/62805", "content": "\u203c CVE-2023-26841 \u203c\n\nA cross-site request forgery (CSRF) vulnerability in ChurchCRM v4.5.3 allows attackers to change any user's password except for the user that is currently logged in.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-25T16:25:21.000000Z"}, {"uuid": "d7e99a64-192f-4e8e-910e-5134bbb4215c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26845", "type": "seen", "source": "https://t.me/cibsecurity/61878", "content": "\u203c CVE-2023-26845 \u203c\n\nA Cross-Site Request Forgery (CSRF) in OpenCATS 0.9.7 allows attackers to force users into submitting web requests via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T18:23:31.000000Z"}, {"uuid": "0e5355d7-6b9a-47ae-ada4-6c5b138cf052", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26841", "type": "seen", "source": "Telegram/A6sbR4Zms80aXBXDj_IxqLfr60dsiLz1aj6bXVgcMUkEl0cd", "content": "", "creation_timestamp": "2025-02-06T02:40:20.000000Z"}, {"uuid": "d85b588b-cc16-4253-9df8-21514d7b74cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26843", "type": "seen", "source": "https://t.me/cibsecurity/62797", "content": "\u203c CVE-2023-26843 \u203c\n\nA stored Cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the NoteEditor.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2024-01-25T14:31:03.000000Z"}, {"uuid": "0bf54de8-be03-4adb-9e1c-22a850fa441f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26847", "type": "seen", "source": "https://t.me/cibsecurity/61876", "content": "\u203c CVE-2023-26847 \u203c\n\nA stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the state parameter at opencats/index.php?m=candidates.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T18:23:29.000000Z"}, {"uuid": "77adbb39-69f1-4c6c-9f0e-1f33c477c52e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26846", "type": "seen", "source": "https://t.me/cibsecurity/61875", "content": "\u203c CVE-2023-26846 \u203c\n\nA stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the city parameter at opencats/index.php?m=candidates.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T18:23:28.000000Z"}, {"uuid": "b85d1c5e-8e67-4201-86ba-27f2db84b193", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26845", "type": "seen", "source": "Telegram/pnvqbyKkKkFEGhyvUwGaEmlACMD2OfGZ6n9ybpPItlY1V_kc", "content": "", "creation_timestamp": "2025-02-14T09:47:01.000000Z"}, {"uuid": "54738aa9-7b8a-40eb-93a4-3d51e7b8b18b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26848", "type": "seen", "source": "Telegram/-y8Q7cPOGDw_Q7kQgR7hj7Fp3R34Xvi8A-b5CjVGCA4M5OBR", "content": "", "creation_timestamp": "2025-02-14T10:05:59.000000Z"}]}