{"vulnerability": "cve-2023-4909", "sightings": [{"uuid": "66ea7a2e-8769-4d3b-b064-cf916ec70ed4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-49092", "type": "seen", "source": "https://gist.github.com/soul2zimate/a5296bc917881b1c43c396b5caf75393", "content": "", "creation_timestamp": "2026-04-07T11:43:13.000000Z"}, {"uuid": "931cb6bd-69cd-463a-890e-1675a96d77bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49098", "type": "seen", "source": "https://t.me/arpsyndicate/2812", "content": "#ExploitObserverAlert\n\nCVE-2023-49098\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2023-49098. Discourse-reactions is a plugin that allows user to add their reactions to the post. Data about a user's reaction notifications could be exposed. This vulnerability was patched in commit 2c26939.", "creation_timestamp": "2024-01-15T22:14:14.000000Z"}, {"uuid": "7a74b6e1-0b1c-4f4d-a8eb-3f686611db8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49099", "type": "seen", "source": "https://t.me/arpsyndicate/2769", "content": "#ExploitObserverAlert\n\nCVE-2023-49099\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2023-49099. Discourse is a platform for community discussion. Under very specific circumstances, secure upload URLs associated with posts can be accessed by guest users even when login is required. This vulnerability has been patched in 3.2.0.beta4 and 3.1.4.", "creation_timestamp": "2024-01-15T08:20:28.000000Z"}, {"uuid": "2c0b41b6-8d16-4696-90c7-3a921feb87d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49099", "type": "seen", "source": "https://t.me/ctinow/167569", "content": "https://ift.tt/q8H36gQ\nCVE-2023-49099", "creation_timestamp": "2024-01-12T22:41:46.000000Z"}, {"uuid": "6fd2973c-501d-46d2-b6f8-9d16b1b7658d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49098", "type": "seen", "source": "https://t.me/ctinow/167568", "content": "https://ift.tt/o1nxvZi\nCVE-2023-49098", "creation_timestamp": "2024-01-12T22:41:45.000000Z"}, {"uuid": "4bf08946-23e5-494d-a881-6097419dba74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49095", "type": "seen", "source": "https://t.me/ctinow/157043", "content": "https://ift.tt/C4Hx8WR\nCVE-2023-49095 | nexryai nexkey prior 12.122.2 ActivityPub Request input validation", "creation_timestamp": "2023-12-20T14:46:35.000000Z"}, {"uuid": "00cdc4cb-0eca-4bb9-bce2-f1f3bdcff3e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49097", "type": "seen", "source": "https://t.me/ctinow/156945", "content": "https://ift.tt/1vpiIjK\nCVE-2023-49097 | Zitadel up to 2.39.8/2.40.9/2.41.5 Header X-Forwarded-Host password recovery (GHSA-2wmj-46rj-qm2w)", "creation_timestamp": "2023-12-20T13:18:04.000000Z"}, {"uuid": "f332dd01-0fd1-4169-916c-18222967a4d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49091", "type": "seen", "source": "https://t.me/ctinow/156934", "content": "https://ift.tt/jq40wTA\nCVE-2023-49091 | azukaar Cosmos-Server up to 0.12.x Authorization Header session expiration (GHSA-hpvm-x7m8-3c6x)", "creation_timestamp": "2023-12-20T12:36:56.000000Z"}, {"uuid": "08f25d08-bac5-42bb-8576-d92d9448a778", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49090", "type": "seen", "source": "https://t.me/ctinow/156873", "content": "https://ift.tt/jteVimy\nCVE-2023-49090 | CarrierWave up to 2.2.4/3.0.4 cross site scripting (GHSA-gxhx-g4fq-49hj)", "creation_timestamp": "2023-12-20T11:12:32.000000Z"}, {"uuid": "8ffcb8b6-9397-4558-85b4-bfc59bbe442b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49098", "type": "seen", "source": "https://t.me/ctinow/178348", "content": "https://ift.tt/BaQ5r1S\nCVE-2023-49098 | discourse-reactions Notifications access control (2c26939)", "creation_timestamp": "2024-02-03T01:46:17.000000Z"}, {"uuid": "7a79e294-6b6f-4f67-9af7-526931299b82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49099", "type": "seen", "source": "https://t.me/ctinow/178339", "content": "https://ift.tt/eHo7yF0\nCVE-2023-49099 | Discourse up to 3.1.3/3.2.0.beta3 Secure Upload URL access control", "creation_timestamp": "2024-02-03T00:51:35.000000Z"}, {"uuid": "ac4af4b6-0f16-4b2f-8177-ae71f2bae8df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49093", "type": "seen", "source": "https://t.me/ctinow/181774", "content": "https://ift.tt/qofkCeP\nCVE-2023-49093 | Oracle WebLogic Server 12.2.1.4.0/14.1.1.0.0 Centralized Thirdparty Jars code injection", "creation_timestamp": "2024-02-09T02:51:50.000000Z"}, {"uuid": "ae87ee55-2a17-45ed-9bfc-0151f145a7f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49096", "type": "seen", "source": "https://t.me/ctinow/160839", "content": "https://ift.tt/qujzMwG\nCVE-2023-49096 | Jellyfin up to 10.8.12 /Videos//stream argument injection", "creation_timestamp": "2023-12-30T10:06:38.000000Z"}, {"uuid": "fbdaaa82-fece-4040-ab43-ee6bf300383f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49093", "type": "seen", "source": "https://t.me/ctinow/158282", "content": "https://ift.tt/nJuKxyo\nCVE-2023-49093 | HtmlUnit up to 3.8.x XSTL code injection (GHSA-37vq-hr2f-g7h7)", "creation_timestamp": "2023-12-22T09:51:44.000000Z"}]}