Auto-Update: 2023-12-10T21:00:19.442034+00:00

CVE-2022/CVE-2022-486xx/CVE-2022-48614.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2022-48614",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-12-10T19:15:07.410",
+  "lastModified": "2023-12-10T19:15:07.410",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Special:Ask in Semantic MediaWiki before 4.0.2 allows Reflected XSS."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/SemanticMediaWiki/SemanticMediaWiki/issues/5262",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.semantic-mediawiki.org/wiki/Semantic_MediaWiki_4.0.2",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-504xx/CVE-2023-50453.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-50453",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-12-10T19:15:07.480",
+  "lastModified": "2023-12-10T19:15:07.480",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in Zammad before 6.2.0. It uses the public endpoint /api/v1/signshow for its login screen. This endpoint returns internal configuration data of user object attributes, such as selectable values, which should not be visible to the public."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://zammad.com/en/advisories/zaa-2023-08",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-504xx/CVE-2023-50454.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-50454",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-12-10T19:15:07.530",
+  "lastModified": "2023-12-10T19:15:07.530",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in Zammad before 6.2.0. In several subsystems, SSL/TLS was used to establish connections to external services without proper validation of hostname and certificate authority. This is exploitable by man-in-the-middle attackers."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://zammad.com/en/advisories/zaa-2023-04",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-504xx/CVE-2023-50455.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-50455",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-12-10T19:15:07.580",
+  "lastModified": "2023-12-10T19:15:07.580",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in Zammad before 6.2.0. Due to lack of rate limiting in the \"email address verification\" feature, an attacker could send many requests for a known address to cause Denial Of Service (generation of many emails, which would also spam the victim)."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://zammad.com/en/advisories/zaa-2023-06",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-504xx/CVE-2023-50456.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-50456",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-12-10T19:15:07.637",
+  "lastModified": "2023-12-10T19:15:07.637",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in Zammad before 6.2.0. An attacker can trigger phishing links in generated notification emails via a crafted first or last name."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://zammad.com/en/advisories/zaa-2023-07",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-504xx/CVE-2023-50457.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-50457",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-12-10T19:15:07.687",
+  "lastModified": "2023-12-10T19:15:07.687",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in Zammad before 6.2.0. When listing tickets linked to a knowledge base answer, or knowledge base answers of a ticket, a user could see entries for which they lack permissions."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://zammad.com/en/advisories/zaa-2023-05",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-12-10T19:00:18.874669+00:00
+2023-12-10T21:00:19.442034+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-12-10T18:15:07.643000+00:00
+2023-12-10T19:15:07.687000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,25 +29,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-232685
+232691
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `5`
+Recently added CVEs: `6`
 
-* [CVE-2023-50446](CVE-2023/CVE-2023-504xx/CVE-2023-50446.json) (`2023-12-10T17:15:07.070`)
-* [CVE-2023-50449](CVE-2023/CVE-2023-504xx/CVE-2023-50449.json) (`2023-12-10T18:15:07.103`)
-* [CVE-2023-5868](CVE-2023/CVE-2023-58xx/CVE-2023-5868.json) (`2023-12-10T18:15:07.163`)
-* [CVE-2023-5869](CVE-2023/CVE-2023-58xx/CVE-2023-5869.json) (`2023-12-10T18:15:07.410`)
-* [CVE-2023-5870](CVE-2023/CVE-2023-58xx/CVE-2023-5870.json) (`2023-12-10T18:15:07.643`)
+* [CVE-2022-48614](CVE-2022/CVE-2022-486xx/CVE-2022-48614.json) (`2023-12-10T19:15:07.410`)
+* [CVE-2023-50453](CVE-2023/CVE-2023-504xx/CVE-2023-50453.json) (`2023-12-10T19:15:07.480`)
+* [CVE-2023-50454](CVE-2023/CVE-2023-504xx/CVE-2023-50454.json) (`2023-12-10T19:15:07.530`)
+* [CVE-2023-50455](CVE-2023/CVE-2023-504xx/CVE-2023-50455.json) (`2023-12-10T19:15:07.580`)
+* [CVE-2023-50456](CVE-2023/CVE-2023-504xx/CVE-2023-50456.json) (`2023-12-10T19:15:07.637`)
+* [CVE-2023-50457](CVE-2023/CVE-2023-504xx/CVE-2023-50457.json) (`2023-12-10T19:15:07.687`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `1`
+Recently modified CVEs: `0`
 
-* [CVE-2022-22817](CVE-2022/CVE-2022-228xx/CVE-2022-22817.json) (`2023-12-10T18:15:06.950`)
 
 
 ## Download and Usage