From 9a491431aa1ad3511997e88380766e1ab5931ad4 Mon Sep 17 00:00:00 2001
From: cad-safe-bot <cad-safe-bot@protonmail.com>
Date: Sat, 9 Sep 2023 22:00:28 +0000
Subject: [PATCH] Auto-Update: 2023-09-09T22:00:24.954234+00:00

---
 CVE-2022/CVE-2022-383xx/CVE-2022-38392.json |  6 +-
 CVE-2023/CVE-2023-48xx/CVE-2023-4864.json   | 88 +++++++++++++++++++++
 README.md                                   | 14 ++--
 3 files changed, 100 insertions(+), 8 deletions(-)
 create mode 100644 CVE-2023/CVE-2023-48xx/CVE-2023-4864.json

diff --git a/CVE-2022/CVE-2022-383xx/CVE-2022-38392.json b/CVE-2022/CVE-2022-383xx/CVE-2022-38392.json
index ec5081a623c..296532e3bdd 100644
--- a/CVE-2022/CVE-2022-383xx/CVE-2022-38392.json
+++ b/CVE-2022/CVE-2022-383xx/CVE-2022-38392.json
@@ -2,7 +2,7 @@
   "id": "CVE-2022-38392",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2022-08-17T18:15:08.297",
-  "lastModified": "2022-08-30T06:15:08.417",
+  "lastModified": "2023-09-09T21:15:43.120",
   "vulnStatus": "Modified",
   "evaluatorComment": "Due to the lack of publicly available information regarding any specific targeted products for this vulnerability, we are unable to provide a legitimate CPE value for this CVE's configuration.   ",
   "descriptions": [
@@ -97,6 +97,10 @@
         "Third Party Advisory"
       ]
     },
+    {
+      "url": "https://www.seagate.com/support/security/",
+      "source": "cve@mitre.org"
+    },
     {
       "url": "https://www.youtube.com/watch?v=nSvu9IDUjZw&t=416s",
       "source": "cve@mitre.org"
diff --git a/CVE-2023/CVE-2023-48xx/CVE-2023-4864.json b/CVE-2023/CVE-2023-48xx/CVE-2023-4864.json
new file mode 100644
index 00000000000..c29f8193075
--- /dev/null
+++ b/CVE-2023/CVE-2023-48xx/CVE-2023-4864.json
@@ -0,0 +1,88 @@
+{
+  "id": "CVE-2023-4864",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2023-09-09T21:15:43.717",
+  "lastModified": "2023-09-09T21:15:43.717",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability, which was classified as problematic, was found in SourceCodester Take-Note App 1.0. This affects an unknown part of the file index.php. The manipulation of the argument noteContent with the input <script>alert('xss')</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239349 was assigned to this vulnerability."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 3.5,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.0
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://skypoc.wordpress.com/2023/09/05/sourcecodester-take-note-app-v1-0-has-multiple-vulnerabilities/",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.239349",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.239349",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 65be71c8647..71275395f00 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-09-09T16:00:24.411162+00:00
+2023-09-09T22:00:24.954234+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-09-09T15:15:35.500000+00:00
+2023-09-09T21:15:43.717000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,21 +29,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-224552
+224553
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `2`
+Recently added CVEs: `1`
 
-* [CVE-2023-4874](CVE-2023/CVE-2023-48xx/CVE-2023-4874.json) (`2023-09-09T15:15:34.623`)
-* [CVE-2023-4875](CVE-2023/CVE-2023-48xx/CVE-2023-4875.json) (`2023-09-09T15:15:35.500`)
+* [CVE-2023-4864](CVE-2023/CVE-2023-48xx/CVE-2023-4864.json) (`2023-09-09T21:15:43.717`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `1`
 
+* [CVE-2022-38392](CVE-2022/CVE-2022-383xx/CVE-2022-38392.json) (`2023-09-09T21:15:43.120`)
 
 
 ## Download and Usage