{"vulnerability": "CVE-2023-3026", "sightings": [{"uuid": "a028b479-14cb-43cc-a934-515aaaa3b7c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3026", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1209", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-3026\n\ud83d\udd39 Description: Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 21.2.8.\n\ud83d\udccf Published: 2023-06-01T00:00:00\n\ud83d\udccf Modified: 2025-01-10T18:55:55.645Z\n\ud83d\udd17 References:\n1. https://huntr.dev/bounties/9bbcc127-1e69-4c88-b318-d2afef48eff0\n2. https://github.com/jgraph/drawio/commit/c7ac634055c3edfabc7729fc4298a5ab7bfbf384", "creation_timestamp": "2025-01-10T19:06:15.000000Z"}, {"uuid": "f0eae273-16e9-4509-a0dc-f7d720e2d7e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30265", "type": "seen", "source": "https://t.me/cibsecurity/62903", "content": "\u203c CVE-2023-30265 \u203c\n\nCLTPHP <=6.0 is vulnerable to Directory Traversal.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-26T18:26:00.000000Z"}, {"uuid": "fe62ce33-9767-40e6-bf7b-feb440b5b9c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30260", "type": "seen", "source": "https://t.me/cibsecurity/65458", "content": "\u203c CVE-2023-30260 \u203c\n\nCommand injection vulnerability in RaspAP raspap-webgui 2.8.8 and earlier allows remote attackers to run arbitrary commands via crafted POST request to hostapd settings form.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-23T16:46:50.000000Z"}, {"uuid": "66302300-8e57-4140-9393-e3d8b964ab8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30268", "type": "seen", "source": "https://t.me/cibsecurity/63336", "content": "\u203c CVE-2023-30268 \u203c\n\nCLTPHP <=6.0 is vulnerable to Improper Input Validation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-05T00:37:28.000000Z"}, {"uuid": "be938bea-4c00-4747-a78c-c23244e05785", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30267", "type": "seen", "source": "https://t.me/cibsecurity/62900", "content": "\u203c CVE-2023-30267 \u203c\n\nCLTPHP <=6.0 is vulnerable to Cross Site Scripting (XSS) via application/home/controller/Changyan.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-26T18:25:57.000000Z"}, {"uuid": "639118dc-54b8-47d1-a7b0-1dda820f054e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30269", "type": "seen", "source": "https://t.me/cibsecurity/62908", "content": "\u203c CVE-2023-30269 \u203c\n\nCLTPHP <=6.0 is vulnerable to Improper Input Validation via application/admin/controller/Template.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-26T18:26:08.000000Z"}, {"uuid": "610b99ce-f00f-4223-b812-54290d6c92b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30266", "type": "seen", "source": "https://t.me/cibsecurity/62905", "content": "\u203c CVE-2023-30266 \u203c\n\nCLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangerous Type.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-26T18:26:05.000000Z"}, {"uuid": "1d8d1ee8-bd9b-4edc-a37b-e9ef3f281fd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30264", "type": "seen", "source": "https://t.me/cibsecurity/63334", "content": "\u203c CVE-2023-30264 \u203c\n\nCLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via application/admin/controller/Template.php:update.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-05T00:37:26.000000Z"}]}