"-Synchronized-Data."

This commit is contained in:
CVE Team 2023-12-30 23:00:34 +00:00
parent adb44ddd0d
commit a1fa454e70
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
2 changed files with 139 additions and 0 deletions

View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-52264",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The beesblog (aka Bees Blog) component before 1.6.2 for thirty bees allows Reflected XSS because controllers/front/post.php sharing_url is mishandled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://zigrin.com/advisories/thirty-bees-reflected-cross-site-scripting-vulnerability/",
"refsource": "MISC",
"name": "https://zigrin.com/advisories/thirty-bees-reflected-cross-site-scripting-vulnerability/"
},
{
"url": "https://github.com/thirtybees/beesblog/commit/a3aeed8fcf01c8e4112c168cf2ef7d67c8056daf",
"refsource": "MISC",
"name": "https://github.com/thirtybees/beesblog/commit/a3aeed8fcf01c8e4112c168cf2ef7d67c8056daf"
},
{
"url": "https://github.com/thirtybees/beesblog/compare/1.6.1...1.6.2",
"refsource": "MISC",
"name": "https://github.com/thirtybees/beesblog/compare/1.6.1...1.6.2"
}
]
}
}

View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-52265",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IDURAR (aka idurar-erp-crm) through 2.0.1 allows stored XSS via a PATCH request with a crafted JSON email template in the /api/email/update data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/wbowm15/jubilant-enigma/blob/main/writeup.md",
"refsource": "MISC",
"name": "https://github.com/wbowm15/jubilant-enigma/blob/main/writeup.md"
},
{
"url": "https://github.com/idurar/idurar-erp-crm/compare/2.0.1...2.1.0",
"refsource": "MISC",
"name": "https://github.com/idurar/idurar-erp-crm/compare/2.0.1...2.1.0"
}
]
}
}