{"vulnerability": "CVE-2024-3850", "sightings": [{"uuid": "657f7004-7ae3-49ee-ab4c-408ad21d5726", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38501", "type": "seen", "source": "https://t.me/cvedetector/3018", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38501 - Apache HTML Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38501 \nPublished : Aug. 13, 2024, 1:15 p.m. | 40\u00a0minutes ago \nDescription : An unauthenticated remote attacker may use a HTML injection vulnerability with limited length to inject malicious HTML code and gain low-privileged access on the affected device. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-13T16:16:59.000000Z"}, {"uuid": "b4eeb251-d540-4785-8910-7de998706dad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38502", "type": "seen", "source": "https://t.me/cvedetector/3017", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38502 - Apache Server Stored Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38502 \nPublished : Aug. 13, 2024, 1:15 p.m. | 40\u00a0minutes ago \nDescription : An unauthenticated remote attacker may use stored XSS vulnerability to obtain information from a user or reboot the affected device once. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-13T16:16:58.000000Z"}, {"uuid": "003112a9-0f63-4a9e-af5f-768a632bcb68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38503", "type": "seen", "source": "https://t.me/cvedetector/1409", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38503 - Syncope Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38503 \nPublished : July 22, 2024, 10:15 a.m. | 31\u00a0minutes ago \nDescription : When editing a user, group or any object in the Syncope Console, HTML tags could be added to any text field and could lead to potential exploits.  \nThe same vulnerability was found in the Syncope Enduser, when editing \u201cPersonal Information\u201d or \u201cUser Requests\u201d.  \n  \nUsers are recommended to upgrade to version 3.0.8, which fixes this issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-22T12:48:01.000000Z"}, {"uuid": "c18fac1e-6a8a-4c4a-9660-6e9821875df3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38508", "type": "seen", "source": "https://t.me/cvedetector/1721", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38508 - XCC Command Injection Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-38508 \nPublished : July 26, 2024, 8:15 p.m. | 44\u00a0minutes ago \nDescription : A privilege escalation vulnerability was discovered in the web interface or SSH captive command shell interface of XCC that could allow an authenticated XCC user with elevated privileges to perform command injection via a specially crafted request. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-26T23:03:30.000000Z"}, {"uuid": "b780c309-b28a-4604-a623-593300bbb571", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38509", "type": "seen", "source": "https://t.me/cvedetector/1720", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38509 - XCC IPMI Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38509 \nPublished : July 26, 2024, 8:15 p.m. | 44\u00a0minutes ago \nDescription : A privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC user with elevated privileges to execute arbitrary code via a specially crafted IPMI command. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-26T23:03:28.000000Z"}]}