From 965af08e41ff1a81cbb89fe2764832babf912da9 Mon Sep 17 00:00:00 2001
From: cad-safe-bot <cad-safe-bot@protonmail.com>
Date: Sat, 30 Dec 2023 13:00:28 +0000
Subject: [PATCH] Auto-Update: 2023-12-30T13:00:24.674905+00:00

---
 CVE-2023/CVE-2023-54xx/CVE-2023-5408.json |  6 +-
 CVE-2023/CVE-2023-71xx/CVE-2023-7173.json | 88 +++++++++++++++++++++++
 README.md                                 | 14 ++--
 3 files changed, 100 insertions(+), 8 deletions(-)
 create mode 100644 CVE-2023/CVE-2023-71xx/CVE-2023-7173.json

diff --git a/CVE-2023/CVE-2023-54xx/CVE-2023-5408.json b/CVE-2023/CVE-2023-54xx/CVE-2023-5408.json
index 4a4304b1df3..acb0703ecc0 100644
--- a/CVE-2023/CVE-2023-54xx/CVE-2023-5408.json
+++ b/CVE-2023/CVE-2023-54xx/CVE-2023-5408.json
@@ -2,7 +2,7 @@
   "id": "CVE-2023-5408",
   "sourceIdentifier": "secalert@redhat.com",
   "published": "2023-11-02T03:15:10.230",
-  "lastModified": "2023-11-29T06:15:46.853",
+  "lastModified": "2023-12-30T12:15:43.933",
   "vulnStatus": "Undergoing Analysis",
   "descriptions": [
     {
@@ -98,6 +98,10 @@
     }
   ],
   "references": [
+    {
+      "url": "https://access.redhat.com/errata/RHSA-2023:5006",
+      "source": "secalert@redhat.com"
+    },
     {
       "url": "https://access.redhat.com/errata/RHSA-2023:6130",
       "source": "secalert@redhat.com",
diff --git a/CVE-2023/CVE-2023-71xx/CVE-2023-7173.json b/CVE-2023/CVE-2023-71xx/CVE-2023-7173.json
new file mode 100644
index 00000000000..5ebd946c454
--- /dev/null
+++ b/CVE-2023/CVE-2023-71xx/CVE-2023-7173.json
@@ -0,0 +1,88 @@
+{
+  "id": "CVE-2023-7173",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2023-12-30T12:15:44.680",
+  "lastModified": "2023-12-30T12:15:44.680",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability, which was classified as problematic, was found in PHPGurukul Hospital Management System 1.0. This affects an unknown part of the file registration.php. The manipulation of the argument First Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249357 was assigned to this vulnerability."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "NONE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.0
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 10.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://drive.google.com/file/d/1Mqs0mmxxmKLrFLHekPke5bZnzMHvnrFm/view?usp=sharing",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.249357",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.249357",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 474fba60d1f..963e96d9b39 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-12-30T11:00:24.835693+00:00
+2023-12-30T13:00:24.674905+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-12-30T10:15:08.837000+00:00
+2023-12-30T12:15:44.680000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,21 +29,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-234551
+234552
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `2`
+Recently added CVEs: `1`
 
-* [CVE-2018-25096](CVE-2018/CVE-2018-250xx/CVE-2018-25096.json) (`2023-12-30T10:15:08.837`)
-* [CVE-2023-7172](CVE-2023/CVE-2023-71xx/CVE-2023-7172.json) (`2023-12-30T09:15:07.953`)
+* [CVE-2023-7173](CVE-2023/CVE-2023-71xx/CVE-2023-7173.json) (`2023-12-30T12:15:44.680`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `1`
 
+* [CVE-2023-5408](CVE-2023/CVE-2023-54xx/CVE-2023-5408.json) (`2023-12-30T12:15:43.933`)
 
 
 ## Download and Usage