{"vulnerability": "cve-2023-3095", "sightings": [{"uuid": "7326fa69-d6e6-41da-adc2-6269f5afac99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3095", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/816", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-3095\n\ud83d\udd39 Description: Improper Access Control in GitHub repository nilsteampassnet/teampass prior to 3.0.9.\n\ud83d\udccf Published: 2023-06-04T00:00:00\n\ud83d\udccf Modified: 2025-01-08T19:54:09.449Z\n\ud83d\udd17 References:\n1. https://huntr.dev/bounties/35c899a9-40a0-4e17-bfb5-2a1430bc83c4\n2. https://github.com/nilsteampassnet/teampass/commit/774985f62f080715774604927fba2cb6ef701612", "creation_timestamp": "2025-01-08T20:14:13.000000Z"}, {"uuid": "bb1ed297-6ef1-4cb5-ad78-c2073366f2f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30959", "type": "seen", "source": "https://t.me/cibsecurity/71063", "content": "\u203c CVE-2023-30959 \u203c\n\nIn Apollo change requests, comments added by users could contain a javascript URI link that when rendered will result in an XSS that require user interaction.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-27T18:36:03.000000Z"}, {"uuid": "e01a839b-9082-473f-a4d2-38aaae8362e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3095", "type": "seen", "source": "https://t.me/cibsecurity/64966", "content": "\u203c CVE-2023-3095 \u203c\n\nImproper Access Control in GitHub repository nilsteampassnet/teampass prior to 3.0.9.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-04T14:27:39.000000Z"}, {"uuid": "698863cf-a208-48e8-978c-9ffc9471a5cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30956", "type": "seen", "source": "https://t.me/cibsecurity/66319", "content": "\u203c CVE-2023-30956 \u203c\n\nA security defect was identified in Foundry Comments that enabled a user to discover the contents of an attachment submitted to another comment if they knew the internal UUID of the target attachment. This defect was resolved with the release of Foundry Comments 2.267.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-11T02:24:05.000000Z"}]}