{"vulnerability": "GHSA-J3M6-GVM8-MHVW", "sightings": [{"uuid": "859fc913-254e-45a6-af71-9804ac51f1da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-J3M6-GVM8-MHVW", "type": "seen", "source": "https://t.me/arpsyndicate/3084", "content": "#ExploitObserverAlert\n\nGHSA-j3m6-gvm8-mhvw\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-j3m6-gvm8-mhvw. Users who don't have edit or delete permissions for records exposed in a ModelAdmin can still edit or delete records using the CSV import form, provided they have create permissions.", "creation_timestamp": "2024-01-26T21:51:46.000000Z"}, {"uuid": "dfd23122-77d2-4db9-8356-f790e43f4157", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-J3M6-GVM8-MHVW", "type": "seen", "source": "https://t.me/ctinow/186846", "content": "https://ift.tt/8zFqIWB\nCVE-2023-49783 | SilverStripe Admin up to 1.13.18/2.1.7 getCheckPermissions authorization (GHSA-j3m6-gvm8-mhvw)", "creation_timestamp": "2024-02-17T09:41:46.000000Z"}, {"uuid": "0ffdb119-0321-4389-b2ab-f35f909a9fbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-J3M6-GVM8-MHVW", "type": "seen", "source": "https://t.me/ctinow/172299", "content": "https://ift.tt/zlsntUq\n[GHSA-j3m6-gvm8-mhvw] No permission checks for editing/deleting records with CSV import form", "creation_timestamp": "2024-01-23T21:12:25.000000Z"}]}