{"vulnerability": "CVE-2023-4709", "sightings": [{"uuid": "f43c22e7-e87e-48eb-aef1-881dc8078646", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47096", "type": "seen", "source": "https://t.me/cibsecurity/73293", "content": "\u203c CVE-2023-47096 \u203c\n\nAn issue was discovered in Virtualmin 7.7. The Cloudmin Services Client under System Settings allows XSS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-01T06:34:58.000000Z"}, {"uuid": "ca05dcc7-5a41-4c5f-8893-ae8bd3e04689", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47094", "type": "seen", "source": "https://t.me/cibsecurity/73298", "content": "\u203c CVE-2023-47094 \u203c\n\nAn issue was discovered in Virtualmin 7.7. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Account Plans tab of System Settings via the Plan Name field. Whenever the module is accessed, the XSS payload is executed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-12-31T22:31:50.000000Z"}, {"uuid": "e887e759-a85b-4a81-86f4-817c697e6477", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47091", "type": "seen", "source": "https://t.me/ctinow/169972", "content": "https://ift.tt/7LvmF4J\nCVE-2023-47091 | Stormshield Network Security Cookie access control", "creation_timestamp": "2024-01-18T22:26:23.000000Z"}, {"uuid": "b31acc73-0e40-44ae-b323-532a6c77cbdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47092", "type": "seen", "source": "https://t.me/ctinow/169964", "content": "https://ift.tt/SdZXkns\nCVE-2023-47092", "creation_timestamp": "2024-01-18T22:21:29.000000Z"}, {"uuid": "71d3fb72-ffd3-49f5-bdfd-36a2b9087b07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47091", "type": "seen", "source": "https://t.me/ctinow/159163", "content": "https://ift.tt/TOImJat\nCVE-2023-47091", "creation_timestamp": "2023-12-25T08:26:28.000000Z"}, {"uuid": "78326ade-8bc8-454f-834a-ee063c322985", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4709", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17609", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-4709\n\ud83d\udd25 CVSS Score: 2.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as problematic has been found in TOTVS RM 12.1. Affected is an unknown function of the file Login.aspx of the component Portal. The manipulation of the argument VIEWSTATE leads to cross site scripting. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. It is possible to mitigate the problem by applying the configuration setting . It is recommended to change the configuration settings. The vendor was initially contacted early about this disclosure but did not respond in any way. In a later statement he explains, that \"the behavior described [...] is related to specific configurations that are not part of the default application setup. In standard production environments, the relevant feature (VIEWSTATE) is disabled by default, which effectively mitigates the risk of exploitation.\"\n\ud83d\udccf Published: 2023-09-01T18:31:04.891Z\n\ud83d\udccf Modified: 2025-05-27T06:18:11.588Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.238572\n2. https://vuldb.com/?ctiid.238572\n3. https://vuldb.com/?submit.196885\n4. https://tdn.totvs.com/pages/releaseview.action?pageId=284462425#COMOAUMENTARASEGURAN%C3%87ADESUAAPLICA%C3%87%C3%83O-Reduziron%C3%ADveldedetalhamentodemensagensexibidasparaousu%C3%A1rio", "creation_timestamp": "2025-05-27T06:48:30.000000Z"}, {"uuid": "f37e900f-0c1e-4e0b-b219-cd94d8f47ca0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47099", "type": "seen", "source": "https://t.me/cibsecurity/73292", "content": "\u203c CVE-2023-47099 \u203c\n\nAn issue was discovered in Virtualmin 7.7. The Create Virtual Server functionality allows XSS attacks against anyone who accesses the Virtual Server Summary tab.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-01T06:34:57.000000Z"}, {"uuid": "9ad7d559-a060-4b36-b13a-5624cd77d024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47096", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1304", "content": "", "creation_timestamp": "2024-11-17T03:13:55.000000Z"}, {"uuid": "2bcc1f53-bfa3-4142-b273-132df1a03293", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47093", "type": "seen", "source": "https://t.me/ctinow/167971", "content": "https://ift.tt/T5FOuUQ\nCVE-2023-47093 | Stormshield Network Security up to 4.3.21/4.6.8/4.7.0 ASQ Engine denial of service", "creation_timestamp": "2024-01-14T09:07:13.000000Z"}, {"uuid": "4edf6b6e-54d6-47c1-8f80-76673735066b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47097", "type": "seen", "source": "https://t.me/cibsecurity/73284", "content": "\u203c CVE-2023-47097 \u203c\n\nAn issue was discovered in Virtualmin 7.7. The Server Templates feature under System Settings allows XSS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-01T06:34:44.000000Z"}, {"uuid": "6ea05ef6-e790-40be-8181-6114664214cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47095", "type": "seen", "source": "https://t.me/cibsecurity/73295", "content": "\u203c CVE-2023-47095 \u203c\n\nAn issue was discovered in Virtualmin 7.7. The Custom Fields feature of Edit Virtual Server under System Customization allows XSS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-01T06:35:00.000000Z"}, {"uuid": "96608c86-8583-4d8f-9129-34369a129c65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47090", "type": "seen", "source": "https://t.me/cibsecurity/73139", "content": "\u203c CVE-2023-47090 \u203c\n\nNATS nats-server before 2.9.23 and 2.10.x before 2.10.2 has an authentication bypass. An implicit $G user in an authorization block can sometimes be used for unauthenticated access, even when the intention of the configuration was for each user to have an account. The earliest affected version is 2.2.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-30T19:19:46.000000Z"}, {"uuid": "27850345-a0c3-4451-8c27-b5339ebcf10e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47093", "type": "seen", "source": "https://t.me/ctinow/157441", "content": "https://ift.tt/u40v9qH\nCVE-2023-47093", "creation_timestamp": "2023-12-21T01:23:56.000000Z"}, {"uuid": "b5431edb-6c13-4289-9506-3c1dd4e9bf4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4709", "type": "seen", "source": "https://t.me/cibsecurity/69681", "content": "\u203c CVE-2023-4709 \u203c\n\nA vulnerability classified as problematic has been found in TOTVS RM 12.1. Affected is an unknown function of the file Login.aspx of the component Portal. The manipulation of the argument VIEWSTATE leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-238572. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-01T22:14:00.000000Z"}]}