{"vulnerability": "cve-2023-3937", "sightings": [{"uuid": "a67384e8-d5c8-4be4-b74f-9766a4f9477a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39375", "type": "seen", "source": "https://t.me/cibsecurity/71109", "content": "\u203c CVE-2023-39375 \u203c\n\nSiberianCMS - CWE-274: Improper Handling of Insufficient Privileges\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-27T18:46:14.000000Z"}, {"uuid": "8c7b1a88-271a-4f23-9cb4-208fcbc64378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39376", "type": "seen", "source": "https://t.me/cibsecurity/71065", "content": "\u203c CVE-2023-39376 \u203c\n\nSiberianCMS - CWE-284 Improper Access Control Authorized user may disable a security feature over the network\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-27T18:36:05.000000Z"}, {"uuid": "a32931ca-fa6b-4794-8861-ffcdb390f69a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3937", "type": "seen", "source": "https://t.me/cibsecurity/68336", "content": "\u203c CVE-2023-3937 \u203c\n\nCross site scripting vulnerability in web portal in Snow Software License Manager from version 9.0.0 up to and including 9.30.1 on Windows allows an authenticated user with high privileges to trigger cross site scripting attack via the web browser\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-11T16:16:38.000000Z"}, {"uuid": "bbde36ca-f394-4f09-a9f8-944d8e55f8ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39379", "type": "seen", "source": "https://t.me/cibsecurity/67753", "content": "\u203c CVE-2023-39379 \u203c\n\nFujitsu Software Infrastructure Manager (ISM) stores sensitive information at the product's maintenance data (ismsnap) in cleartext form. As a result, the password for the proxy server that is configured in ISM may be retrieved. Affected products and versions are as follows: Fujitsu Software Infrastructure Manager Advanced Edition V2.8.0.060, Fujitsu Software Infrastructure Manager Advanced Edition for PRIMEFLEX V2.8.0.060, and Fujitsu Software Infrastructure Manager Essential Edition V2.8.0.060.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-04T14:40:41.000000Z"}]}