{"vulnerability": "cve-2024-5641", "sightings": [{"uuid": "9d8d8ffd-c3ab-4f13-ae4d-ebe59a35406c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56410", "type": "seen", "source": "https://t.me/cvedetector/14240", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56410 - \"PhpSpreadsheet Custom Properties XSS\"\", \n  \"Content\": \"CVE ID : CVE-2024-56410 \nPublished : Jan. 3, 2025, 6:15 p.m. | 38\u00a0minutes ago \nDescription : PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Versions prior to 3.7.0, 2.3.5, 2.1.6, and 1.29.7 have a cross-site scripting (XSS) vulnerability in custom properties. The HTML page is generated without clearing custom properties. Versions 3.7.0, 2.3.5, 2.1.6, and 1.29.7 contain a patch for the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-03T20:22:03.000000Z"}, {"uuid": "1111b1a0-ade9-4f61-8315-4e0fd2091f8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56412", "type": "seen", "source": "https://t.me/cvedetector/14237", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56412 - PhpSpreadsheet Cross-Site Scripting (XSS) Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56412 \nPublished : Jan. 3, 2025, 6:15 p.m. | 38\u00a0minutes ago \nDescription : PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Versions prior to 3.7.0, 2.3.5, 2.1.6, and 1.29.7 are vulnerable to bypass of the cross-site scripting sanitizer using the javascript protocol and special characters. An attacker can use special characters, so that the library processes the javascript protocol with special characters and generates an HTML link. Versions 3.7.0, 2.3.5, 2.1.6, and 1.29.7 contain a patch for the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-03T20:21:58.000000Z"}, {"uuid": "fedb510f-08f6-4117-a2bb-97ab9a05e4ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56411", "type": "seen", "source": "https://t.me/cvedetector/14236", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56411 - PhpSpreadsheet XSS in Hyperlink Base\", \n  \"Content\": \"CVE ID : CVE-2024-56411 \nPublished : Jan. 3, 2025, 6:15 p.m. | 38\u00a0minutes ago \nDescription : PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Versions prior to 3.7.0, 2.3.5, 2.1.6, and 1.29.7 have a cross-site scripting (XSS) vulnerability of the hyperlink base in the HTML page header. The HTML page is formed without sanitizing the hyperlink base. Versions 3.7.0, 2.3.5, 2.1.6, and 1.29.7 contain a patch for the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-03T20:21:57.000000Z"}, {"uuid": "bb2e0fe6-cfb6-4cc3-b0c0-bda309eacbfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56414", "type": "seen", "source": "https://t.me/cvedetector/14178", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56414 - Acronis Cyber Protect Weak Hash Algorithm Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56414 \nPublished : Jan. 2, 2025, 4:15 p.m. | 17\u00a0minutes ago \nDescription : Web installer integrity check used weak hash algorithm. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-02T17:36:30.000000Z"}, {"uuid": "6adaf5a9-5ba2-4bc1-ad4c-e5250c446a22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56413", "type": "seen", "source": "https://t.me/cvedetector/14177", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56413 - Acronis Cyber Protect Session Invalidation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56413 \nPublished : Jan. 2, 2025, 4:15 p.m. | 17\u00a0minutes ago \nDescription : Missing session invalidation after user deletion. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-02T17:36:30.000000Z"}, {"uuid": "39176534-dcba-479b-9661-f257fffbfeff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56413", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lerhwpylog22", "content": "", "creation_timestamp": "2025-01-02T16:15:47.500817Z"}, {"uuid": "51071493-8b2c-45a5-a4fe-e74278602a6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56414", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lerhwsk7y622", "content": "", "creation_timestamp": "2025-01-02T16:15:50.109287Z"}, {"uuid": "8a84f0be-20c5-4287-9030-1184a852c175", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56414", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lerjxlt3as2r", "content": "", "creation_timestamp": "2025-01-02T16:52:05.142352Z"}, {"uuid": "10546a70-368e-4fba-8fcf-292cea82e405", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56413", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lerjxlweg32k", "content": "", "creation_timestamp": "2025-01-02T16:52:05.812325Z"}, {"uuid": "597a0415-3de7-4f23-960a-ff170b5dc5bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56410", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113765598049117930", "content": "", "creation_timestamp": "2025-01-03T17:27:44.586234Z"}, {"uuid": "dd75acd2-cabb-47d2-a263-13c5627cb52a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56411", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113765598065635457", "content": "", "creation_timestamp": "2025-01-03T17:27:45.247721Z"}, {"uuid": "94520fb9-f7d0-4ade-9f9d-d632087f778d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56412", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113765598079911257", "content": "", "creation_timestamp": "2025-01-03T17:27:46.770634Z"}]}