From 4cd26f094621ce1e0a42bb998f495aff72fc641a Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 13 Sep 2023 22:00:32 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/40xxx/CVE-2023-40617.json | 48 ++++++++++++++++++++++++-- 2023/41xxx/CVE-2023-41152.json | 61 ++++++++++++++++++++++++++++++---- 2023/41xxx/CVE-2023-41154.json | 61 ++++++++++++++++++++++++++++++---- 2023/41xxx/CVE-2023-41155.json | 61 ++++++++++++++++++++++++++++++---- 2023/41xxx/CVE-2023-41158.json | 61 ++++++++++++++++++++++++++++++---- 2023/41xxx/CVE-2023-41162.json | 61 ++++++++++++++++++++++++++++++---- 6 files changed, 321 insertions(+), 32 deletions(-) diff --git a/2023/40xxx/CVE-2023-40617.json b/2023/40xxx/CVE-2023-40617.json index 7c26930305f..ea41603e876 100644 --- a/2023/40xxx/CVE-2023-40617.json +++ b/2023/40xxx/CVE-2023-40617.json @@ -5,13 +5,57 @@ "CVE_data_meta": { "ID": "CVE-2023-40617", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-40617", + "url": "https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-40617" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A reflected cross-site scripting (XSS) vulnerability in OpenKnowledgeMaps Head Start 7 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'file' parameter in 'displayPDF.php'." } ] } diff --git a/2023/41xxx/CVE-2023-41152.json b/2023/41xxx/CVE-2023-41152.json index 09a98593a22..2929dcba7ac 100644 --- a/2023/41xxx/CVE-2023-41152.json +++ b/2023/41xxx/CVE-2023-41152.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-41152", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-41152", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Stored Cross-Site Scripting (XSS) vulnerability in the MIME type programs tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the handle program field while creating a new MIME type program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://webmin.com/tags/webmin-changelog/", + "refsource": "MISC", + "name": "https://webmin.com/tags/webmin-changelog/" + }, + { + "refsource": "MISC", + "name": "https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41152", + "url": "https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41152" } ] } diff --git a/2023/41xxx/CVE-2023-41154.json b/2023/41xxx/CVE-2023-41154.json index 568f519b28e..96b7ee968da 100644 --- a/2023/41xxx/CVE-2023-41154.json +++ b/2023/41xxx/CVE-2023-41154.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-41154", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-41154", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Stored Cross-Site Scripting (XSS) vulnerability in the scheduled cron jobs tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the value field parameter while creating a new environment variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://webmin.com/tags/webmin-changelog/", + "refsource": "MISC", + "name": "https://webmin.com/tags/webmin-changelog/" + }, + { + "refsource": "MISC", + "name": "https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41154", + "url": "https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41154" } ] } diff --git a/2023/41xxx/CVE-2023-41155.json b/2023/41xxx/CVE-2023-41155.json index 029c8104085..0cd2d92e8a4 100644 --- a/2023/41xxx/CVE-2023-41155.json +++ b/2023/41xxx/CVE-2023-41155.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-41155", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-41155", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Stored Cross-Site Scripting (XSS) vulnerability in the mail forwarding and replies tab in Webmin and Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the forward to field while creating a mail forwarding rule." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://webmin.com/tags/webmin-changelog/", + "refsource": "MISC", + "name": "https://webmin.com/tags/webmin-changelog/" + }, + { + "refsource": "MISC", + "name": "https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41155", + "url": "https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41155" } ] } diff --git a/2023/41xxx/CVE-2023-41158.json b/2023/41xxx/CVE-2023-41158.json index acb54165e38..92c2eb74565 100644 --- a/2023/41xxx/CVE-2023-41158.json +++ b/2023/41xxx/CVE-2023-41158.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-41158", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-41158", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Stored Cross-Site Scripting (XSS) vulnerability in the MIME type programs tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the description field while creating a new MIME type program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://webmin.com/tags/webmin-changelog/", + "refsource": "MISC", + "name": "https://webmin.com/tags/webmin-changelog/" + }, + { + "refsource": "MISC", + "name": "https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41158", + "url": "https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41158" } ] } diff --git a/2023/41xxx/CVE-2023-41162.json b/2023/41xxx/CVE-2023-41162.json index 038fb31b7c6..de94a5abedb 100644 --- a/2023/41xxx/CVE-2023-41162.json +++ b/2023/41xxx/CVE-2023-41162.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-41162", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-41162", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://webmin.com/tags/webmin-changelog/", + "refsource": "MISC", + "name": "https://webmin.com/tags/webmin-changelog/" + }, + { + "refsource": "MISC", + "name": "https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41162", + "url": "https://github.com/shindeanik/Usermin-2.000/blob/main/CVE-2023-41162" } ] }