{"vulnerability": "CVE-2023-3410", "sightings": [{"uuid": "0732aaa9-35a7-4571-bc53-07ef8fcd8368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34105", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-17)", "content": "", "creation_timestamp": "2025-08-17T00:00:00.000000Z"}, {"uuid": "d5d2596b-5ab2-47a0-ba1c-8e970eca1e45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34105", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwrsq2jwkz2c", "content": "", "creation_timestamp": "2025-08-19T21:02:31.814679Z"}, {"uuid": "86743586-84ac-4800-981d-1cf1ee1f59a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34105", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-06)", "content": "", "creation_timestamp": "2026-01-06T00:00:00.000000Z"}, {"uuid": "2dbfe91e-b3a3-4709-a3cc-ffeba7d5e275", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34109", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/229", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-34109\n\ud83d\udd39 Description: zxcvbn-ts is an open source password strength estimator written in typescript. This vulnerability affects users running on the nodeJS platform which are using the second argument of the zxcvbn function. It can result in an unbounded resource consumption as the user inputs array is extended with every function call. Browsers are impacted, too but a single user need to do a lot of input changes so that it affects the browser, while the node process gets the inputs of every user of a platform and can be killed that way. This problem has been patched in version 3.0.2. Users are advised to upgrade. Users unable to upgrade should stop using the second argument of the zxcvbn function and use the zxcvbnOptions.setOptions function.\n\ud83d\udccf Published: 2023-06-07T17:11:21.949Z\n\ud83d\udccf Modified: 2025-01-06T20:12:26.819Z\n\ud83d\udd17 References:\n1. https://github.com/zxcvbn-ts/zxcvbn/security/advisories/GHSA-38hx-x5hq-5fg4\n2. https://github.com/zxcvbn-ts/zxcvbn/commit/3f9bed21b5d01f6f6863476822ca857355fba22f", "creation_timestamp": "2025-01-06T20:50:18.000000Z"}, {"uuid": "c6734b0f-e0d3-4a7e-b52f-adcf222f8d29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34106", "type": "seen", "source": "https://t.me/cibsecurity/66001", "content": "\u203c CVE-2023-34106 \u203c\n\nGLPI is a free asset and IT management software package. Versions of the software starting with 0.68 and prior to 10.0.8 have an incorrect rights check on a on a file accessible by an authenticated user. This allows access to the list of all users and their personal information. Users should upgrade to version 10.0.8 to receive a patch.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-05T22:22:06.000000Z"}, {"uuid": "26700cfe-ca3b-4aee-9012-436847409c75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34105", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-16)", "content": "", "creation_timestamp": "2025-10-16T00:00:00.000000Z"}, {"uuid": "976cdc58-cb83-4169-a18b-f973b938494a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34105", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-05)", "content": "", "creation_timestamp": "2026-01-05T00:00:00.000000Z"}, {"uuid": "91a9aa72-e565-44da-b1ac-c3f4b07b4a05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34105", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-18)", "content": "", "creation_timestamp": "2026-04-18T00:00:00.000000Z"}, {"uuid": "5c65deb7-d3d6-499f-83d3-ed133ae24143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34102", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/725", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-34102\n\ud83d\udd39 Description: Avo is an open source ruby on rails admin panel creation framework. The polymorphic field type stores the classes to operate on when updating a record with user input, and does not validate them in the back end. This can lead to unexpected behavior, remote code execution, or application crashes when viewing a manipulated record. This issue has been addressed in commit `ec117882d` which is expected to be included in subsequent releases. Users are advised to limit access to untrusted users until a new release is made.\n\ud83d\udccf Published: 2023-06-05T22:16:43.861Z\n\ud83d\udccf Modified: 2025-01-08T15:48:32.200Z\n\ud83d\udd17 References:\n1. https://github.com/avo-hq/avo/security/advisories/GHSA-86h2-2g4g-29qx\n2. https://github.com/avo-hq/avo/commit/ec117882ddb1b519481bdd046dc3cfa4474e6e17", "creation_timestamp": "2025-01-08T16:20:00.000000Z"}, {"uuid": "8ab81b13-11b7-4411-afed-4052443cea64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34103", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/724", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-34103\n\ud83d\udd39 Description: Avo is an open source ruby on rails admin panel creation framework. In affected versions some avo fields are vulnerable to Cross Site Scripting (XSS) when rendering html based content. Attackers do need form edit privilege in order to successfully exploit this vulnerability, but the results are stored and no specific timing is required. This issue has been addressed in commit `7891c01e` which is expected to be included in the next release of avo. Users are advised to configure CSP headers for their application and to limit untrusted user access as a mitigation.\n\ud83d\udccf Published: 2023-06-05T22:13:21.458Z\n\ud83d\udccf Modified: 2025-01-08T15:49:17.811Z\n\ud83d\udd17 References:\n1. https://github.com/avo-hq/avo/security/advisories/GHSA-5cr9-5jx3-2g39\n2. https://github.com/avo-hq/avo/commit/7891c01e1fba9ca5d7dbccc43d27f385e5d08563", "creation_timestamp": "2025-01-08T16:19:40.000000Z"}, {"uuid": "193087f9-a97a-4ad9-901b-9d58f36e2796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34107", "type": "seen", "source": "https://t.me/cibsecurity/66029", "content": "\u203c CVE-2023-34107 \u203c\n\nGLPI is a free asset and IT management software package. Versions of the software starting with 9.2.0 and prior to 10.0.8 have an incorrect rights check on a on a file accessible by an authenticated user, allows access to the view all KnowbaseItems. Version 10.0.8 has a patch for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T00:27:33.000000Z"}, {"uuid": "d0f9d7f9-1ca7-4e4f-9b69-860cfbaf9f60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34108", "type": "seen", "source": "https://t.me/cibsecurity/65048", "content": "\u203c CVE-2023-34108 \u203c\n\nmailcow is a mail server suite based on Dovecot, Postfix and other open source software, that provides a modern web UI for user/server administration. A vulnerability has been discovered in mailcow which allows an attacker to manipulate internal Dovecot variables by using specially crafted passwords during the authentication process. The issue arises from the behavior of the `passwd-verify.lua` script, which is responsible for verifying user passwords during login attempts. Upon a successful login, the script returns a response in the format of \"password=\", indicating the successful authentication. By crafting a password with additional key-value pairs appended to it, an attacker can manipulate the returned string and influence the internal behavior of Dovecot. For example, using the password \"123 mail_crypt_save_version=0\" would cause the `passwd-verify.lua` script to return the string \"password=123 mail_crypt_save_version=0\". Consequently, Dovecot will interpret this string and set the internal variables accordingly, leading to unintended consequences. This vulnerability can be exploited by an authenticated attacker who has the ability to set their own password. Successful exploitation of this vulnerability could result in unauthorized access to user accounts, bypassing security controls, or other malicious activities. This issue has been patched in version `2023-05a`. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-07T22:35:58.000000Z"}, {"uuid": "75174397-0396-41e8-bb4a-f79906efff3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34105", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-11-07)", "content": "", "creation_timestamp": "2025-11-07T00:00:00.000000Z"}, {"uuid": "975a8609-f6e6-4f42-869f-156bc7025b59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34105", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-29)", "content": "", "creation_timestamp": "2025-10-29T00:00:00.000000Z"}, {"uuid": "052b737c-e151-4b70-99fa-2be60ee0ac7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34105", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-29)", "content": "", "creation_timestamp": "2026-03-29T00:00:00.000000Z"}, {"uuid": "1467a311-3e94-466f-b08d-66488d37c690", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3410", "type": "seen", "source": "https://t.me/cvedetector/5672", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-3410 - Bricks WordPress Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-3410 \nPublished : Sept. 14, 2024, 9:15 a.m. | 41\u00a0minutes ago \nDescription : The Bricks theme for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018customTag' attribute in versions up to, and including, 1.10.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with access to the Bricks Builder (admin-only by default), to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This becomes more of an issue when Bricks Builder access is granted to lower-privileged users. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-14T12:21:06.000000Z"}, {"uuid": "e22342cf-09ab-4a38-a8d0-161c198bf00b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34104", "type": "seen", "source": "https://t.me/arpsyndicate/2718", "content": "#ExploitObserverAlert\n\nCVE-2023-34104\n\nDESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-34104. fast-xml-parser is an open source, pure javascript xml parser. fast-xml-parser allows special characters in entity names, which are not escaped or sanitized. Since the entity name is used for creating a regex for searching and replacing entities in the XML body, an attacker can abuse it for denial of service (DoS) attacks. By crafting an entity name that results in an intentionally bad performing regex and utilizing it in the entity replacement step of the parser, this can cause the parser to stall for an indefinite amount of time. This problem has been resolved in v4.2.4. Users are advised to upgrade. Users unable to upgrade should avoid using DOCTYPE parsing by setting the `processEntities: false` option.\n\nFIRST-EPSS: 0.000440000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2024-01-09T05:58:20.000000Z"}, {"uuid": "17f2bb3d-8882-4303-bf1c-e12962a36bb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34103", "type": "seen", "source": "https://t.me/cibsecurity/64993", "content": "\u203c CVE-2023-34103 \u203c\n\nAvo is an open source ruby on rails admin panel creation framework. In affected versions some avo fields are vulnerable to Cross Site Scripting (XSS) when rendering html based content. Attackers do need form edit privilege in order to successfully exploit this vulnerability, but the results are stored and no specific timing is required. This issue has been addressed in commit `7891c01e` which is expected to be included in the next release of avo. Users are advised to configure CSP headers for their application and to limit untrusted user access as a mitigation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-06T05:06:34.000000Z"}]}