From 9ba4be40b507b54ee15f7d6dc271b76d172063ba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ren=C3=A9=20Helmke?=
Date: Thu, 27 Apr 2023 06:00:29 +0200
Subject: [PATCH] Auto-Update: 2023-04-27T04:00:26.898818+00:00
---
CVE-2023/CVE-2023-312xx/CVE-2023-31287.json | 20 ++++++++++++++++++++
README.md | 12 ++++++------
2 files changed, 26 insertions(+), 6 deletions(-)
create mode 100644 CVE-2023/CVE-2023-312xx/CVE-2023-31287.json
diff --git a/CVE-2023/CVE-2023-312xx/CVE-2023-31287.json b/CVE-2023/CVE-2023-312xx/CVE-2023-31287.json
new file mode 100644
index 00000000000..56f8bd18062
--- /dev/null
+++ b/CVE-2023/CVE-2023-312xx/CVE-2023-31287.json
@@ -0,0 +1,20 @@
+{
+ "id": "CVE-2023-31287",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2023-04-27T03:15:10.200",
+ "lastModified": "2023-04-27T03:15:10.200",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "An issue was discovered in Serenity Serene (and StartSharp) before 6.7.0. Password reset links are sent by email. A link contains a token that is used to reset the password. This token remains valid even after the password reset and can be used a second time to change the password of the corresponding user. The token expires only 3 hours after issuance and is sent as a query parameter when resetting. An attacker with access to the browser history can thus use the token again to change the password in order to take over the account."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://github.com/serenity-is/Serenity/commit/11b9d267f840513d04b4f4d4876de7823a6e48d2",
+ "source": "cve@mitre.org"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index a56cc1c4c16..267e979b37a 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD in 2 hour periods. ### Last repository update ```plain -2023-04-27T02:00:28.238242+00:00 +2023-04-27T04:00:26.898818+00:00 ``` ### Most recent CVE modification timestamp synchronized with NVD ```plain -2023-04-27T01:41:09.010000+00:00 +2023-04-27T03:15:10.200000+00:00 ``` ### Last Data Feed release @@ -29,20 +29,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-datafeeds/r ### Total numbers of included CVEs ```plai#n -213642 +213651 ``` ### CVEs added in the last commit -Recently added CVEs: `0` +Recently added CVEs: `1` +* CVE-2023-31287 (*2023-04-27T03:15:10.200*) ### CVEs modified in the last commit -Recently modified CVEs: `1` +Recently modified CVEs: `0` -* CVE-2021-0874 (*2023-04-27T01:41:09.010*) ## Download and Usage