{"vulnerability": "CVE-2023-2836", "sightings": [{"uuid": "4fadc108-743a-4d37-8ac4-27838256711d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28362", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/867", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28362\n\ud83d\udd39 Description: The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header.\n\ud83d\udccf Published: 2025-01-09T00:33:47.730Z\n\ud83d\udccf Modified: 2025-01-09T00:33:47.730Z\n\ud83d\udd17 References:\n1. https://discuss.rubyonrails.org/t/cve-2023-28362-possible-xss-via-user-supplied-values-to-redirect-to/83132\n2. https://github.com/advisories/GHSA-4g8v-vg43-wpgf\n3. https://github.com/rails/rails/commit/1c3f93d1e90a3475f9ae2377ead25ccf11f71441\n4. https://github.com/rails/rails/commit/69e37c84e3f77d75566424c7d0015172d6a6fac5", "creation_timestamp": "2025-01-09T01:14:48.000000Z"}, {"uuid": "ba4ccba6-040d-4656-88bd-b79b93378e54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28369", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2584", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28369\n\ud83d\udd39 Description: Brother iPrint&Scan V6.11.2 and earlier contains an improper access control vulnerability. 
This vulnerability may be exploited by the other app installed on the victim user's Android device, which may lead to displaying the settings and/or log information of the affected app as a print preview.\n\ud83d\udccf Published: 2023-05-18T00:00:00\n\ud83d\udccf Modified: 2025-01-22T16:31:20.241Z\n\ud83d\udd17 References:\n1. https://support.brother.com/g/b/link.aspx?prod=group2&faqid=faq00100794_000\n2. https://faq.brother.co.jp/app/answers/detail/a_id/13468\n3. https://play.google.com/store/apps/details?id=com.brother.mfc.brprint\n4. https://jvn.jp/en/vu/JVNVU97891206/", "creation_timestamp": "2025-01-22T17:01:58.000000Z"}, {"uuid": "1675ecf9-c002-4e71-adb0-19aa4c63932d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28367", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2195", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28367\n\ud83d\udd39 Description: Cross-site scripting vulnerability in CTA post function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script.\n\ud83d\udccf Published: 2023-05-23T00:00:00\n\ud83d\udccf Modified: 2025-01-17T18:18:23.799Z\n\ud83d\udd17 References:\n1. https://www.vektor-inc.co.jp/product-update/vk-blocks-exunit-xss/\n2. 
https://jvn.jp/en/jp/JVN95792402/", "creation_timestamp": "2025-01-17T18:57:10.000000Z"}, {"uuid": "a765dd6e-e19a-4b88-942d-c83a42250bf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28362", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14629", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28362\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header.\n\ud83d\udccf Published: 2025-01-09T00:33:47.730Z\n\ud83d\udccf Modified: 2025-05-02T23:02:56.188Z\n\ud83d\udd17 References:\n1. https://discuss.rubyonrails.org/t/cve-2023-28362-possible-xss-via-user-supplied-values-to-redirect-to/83132\n2. https://github.com/advisories/GHSA-4g8v-vg43-wpgf\n3. https://github.com/rails/rails/commit/1c3f93d1e90a3475f9ae2377ead25ccf11f71441\n4. https://github.com/rails/rails/commit/69e37c84e3f77d75566424c7d0015172d6a6fac5", "creation_timestamp": "2025-05-02T23:17:24.000000Z"}, {"uuid": "6c9f402e-3010-4bbe-a53b-aa96dca4fa6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28364", "type": "seen", "source": "https://t.me/cibsecurity/65832", "content": "\u203c CVE-2023-28364 \u203c\n\nAn Open Redirect vulnerability exists prior to version 1.52.117, where the built-in QR scanner in Brave Browser Android navigated to scanned URLs automatically without showing the URL first. 
Now the user must manually navigate to the URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-01T07:15:34.000000Z"}, {"uuid": "c150b57a-c9bb-4d63-b959-72c5cb716443", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28365", "type": "seen", "source": "https://t.me/cibsecurity/65837", "content": "\u203c CVE-2023-28365 \u203c\n\nA backup file vulnerability found in UniFi applications (Version 7.3.83 and earlier) running on Linux operating systems allows application administrators to execute malicious commands on the host device being restored.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-01T07:15:42.000000Z"}, {"uuid": "7754299f-09df-4132-96c1-e7c6a916be12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28362", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfbivv7wg422", "content": "", "creation_timestamp": "2025-01-09T01:15:46.032068Z"}, {"uuid": "270f7fc0-730a-4366-b36a-299846970844", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28362", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfbk6piykp2b", "content": "", "creation_timestamp": "2025-01-09T01:38:37.818492Z"}, {"uuid": "739e8ac0-8238-4174-add9-e0e810d76998", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28362", "type": "seen", "source": "https://t.me/cvedetector/14760", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-28362 - \"Adobe Rails HTTP Header Injection Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2023-28362 
\nPublished : Jan. 9, 2025, 1:15 a.m. | 21\u00a0minutes ago \nDescription : The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T02:42:03.000000Z"}, {"uuid": "a0f2867e-8a54-4156-a9d7-1667c8a03b08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28360", "type": "seen", "source": "https://t.me/arpsyndicate/2359", "content": "#ExploitObserverAlert\n\nCVE-2023-28360\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-28360. An omission of security-relevant information vulnerability exists in Brave desktop prior to version 1.48.171 when a user was saving a file there was no download safety check dialog presented to the user.\n\nFIRST-EPSS: 0.000450000\nNVD-IS: 1.4\nNVD-ES: 2.8", "creation_timestamp": "2024-01-03T20:53:25.000000Z"}, {"uuid": "57743294-3909-4655-bcda-3822422f4bb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28366", "type": "seen", "source": "https://t.me/cibsecurity/69660", "content": "\u203c CVE-2023-28366 \u203c\n\nThe broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. 
This occurs because of mishandling of EAGAIN from the libc send function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-01T20:15:10.000000Z"}, {"uuid": "96a364e3-37d5-4d16-8f91-483858420c0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2023-28362", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113795734456115143", "content": "", "creation_timestamp": "2025-01-09T01:11:48.811381Z"}]}
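Illustrating the CVE-2023-28362 description repeated in the sightings above (an added example, not code from the Rails project or from any of the quoted posts): a byte-level check for characters that are not legal in an HTTP field value, a hypothetical guard that applies it before a user-supplied value becomes a Location header, and a constructed model of a downstream hop that enforces field-value syntax by dropping offending headers. `UnsafeRedirectLocation`, `header_value_safe?`, `safe_redirect_location`, `rfc_strict_filter` and `demo` are this example's own names, and the strict filter is a simplification of what real proxies do; the actual Rails fix is in the two commits linked in the sighting, not reproduced here.

```ruby
# Added example: validating a redirect target against the HTTP field-value
# grammar before it is emitted as a Location header. Not Rails' own code.
#
# Per the HTTP field-value grammar, a header value may contain HTAB (0x09),
# SP (0x20), visible ASCII (0x21-0x7E) and obs-text (0x80-0xFF). CR, LF, NUL,
# the other C0 controls and DEL (0x7F) are not legal in a field value.

class UnsafeRedirectLocation < StandardError; end

# True when every byte of +value+ is permitted in an HTTP field value.
# Operates on bytes so that multi-byte UTF-8 (obs-text) is accepted while
# any embedded control character, including a bare CR or LF, is rejected.
def header_value_safe?(value)
  value.each_byte.none? { |b| (b < 0x20 && b != 0x09) || b == 0x7F }
end

# Hypothetical guard (this example's own helper): apply it to anything that
# came from the request before handing the result to redirect_to.
def safe_redirect_location(value)
  unless header_value_safe?(value)
    raise UnsafeRedirectLocation, "redirect target contains a character not legal in a header value"
  end
  value
end

# Constructed model of a downstream service that enforces field-value syntax
# by silently removing non-compliant headers. Real proxies and CDNs differ in
# detail; the point is that the Location header can disappear in transit.
def rfc_strict_filter(headers)
  headers.select { |_name, v| header_value_safe?(v) }
end

# Constructed sample response whose Location came straight from user input,
# passed through the strict downstream hop. Returns the surviving headers.
def demo(user_supplied_target)
  response_headers = {
    "Location"     => user_supplied_target,
    "Content-Type" => "text/html; charset=utf-8",
  }
  rfc_strict_filter(response_headers)
end

if __FILE__ == $PROGRAM_NAME
  ok  = "https://example.com/account"
  bad = "https://example.com/account\n"   # trailing LF from unvalidated input

  puts "clean target keeps Location:   #{demo(ok).key?('Location')}"
  puts "LF target loses Location:      #{demo(bad).key?('Location')}"

  begin
    safe_redirect_location(bad)
  rescue UnsafeRedirectLocation => e
    puts "guard rejected it: #{e.message}"
  end
end
```

In an application the guard runs before `redirect_to`, so the illegal value raises in the controller rather than producing a response whose Location header an intermediary may strip, leaving the browser to render the redirect body instead of following the redirect.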