{"vulnerability": "cve-2023-26059", "sightings": [{"uuid": "7a1811c1-3615-481d-86c5-98e3e2835811", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26059", "type": "seen", "source": "https://t.me/cibsecurity/62754", "content": "\u203c CVE-2023-26059 \u203c\n\nAn issue was discovered in Nokia NetAct before 22 SP1037. On the Site Configuration Tool tab, attackers can upload a ZIP file which, when processed, exploits Stored XSS. The upload option of the Site Configuration tool does not validate the file contents. The application is in a demilitarised zone behind a perimeter firewall and without exposure to the internet. The attack can only be performed by an internal user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-24T22:19:50.000000Z"}, {"uuid": "93bbdfe5-f705-43cd-9ba1-85cd6969f858", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26059", "type": "seen", "source": "Telegram/YY4S-YauUuBwS1Vc12ZZBfb4WwHICH0Hps4CWaQYIhbl60DL", "content": "", "creation_timestamp": "2025-02-06T02:41:38.000000Z"}]}