From b881cf71d541f66dad09148f3b16abeb88a97430 Mon Sep 17 00:00:00 2001
From: cad-safe-bot <cad-safe-bot@protonmail.com>
Date: Mon, 21 Aug 2023 10:00:33 +0000
Subject: [PATCH] Auto-Update: 2023-08-21T10:00:30.422036+00:00

---
 CVE-2023/CVE-2023-395xx/CVE-2023-39543.json | 28 ++++++++++++++++++
 CVE-2023/CVE-2023-399xx/CVE-2023-39939.json | 28 ++++++++++++++++++
 CVE-2023/CVE-2023-400xx/CVE-2023-40068.json | 32 +++++++++++++++++++++
 README.md                                   | 16 +++++------
 4 files changed, 96 insertions(+), 8 deletions(-)
 create mode 100644 CVE-2023/CVE-2023-395xx/CVE-2023-39543.json
 create mode 100644 CVE-2023/CVE-2023-399xx/CVE-2023-39939.json
 create mode 100644 CVE-2023/CVE-2023-400xx/CVE-2023-40068.json

diff --git a/CVE-2023/CVE-2023-395xx/CVE-2023-39543.json b/CVE-2023/CVE-2023-395xx/CVE-2023-39543.json
new file mode 100644
index 00000000000..e5c82123a8a
--- /dev/null
+++ b/CVE-2023/CVE-2023-395xx/CVE-2023-39543.json
@@ -0,0 +1,28 @@
+{
+  "id": "CVE-2023-39543",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2023-08-21T09:15:09.433",
+  "lastModified": "2023-08-21T09:15:09.433",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and LuxCal Web Calendar prior to 5.2.3L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN04876736/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.luxsoft.eu/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.luxsoft.eu/?download",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-399xx/CVE-2023-39939.json b/CVE-2023/CVE-2023-399xx/CVE-2023-39939.json
new file mode 100644
index 00000000000..e19d2d08f9a
--- /dev/null
+++ b/CVE-2023/CVE-2023-399xx/CVE-2023-39939.json
@@ -0,0 +1,28 @@
+{
+  "id": "CVE-2023-39939",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2023-08-21T09:15:10.280",
+  "lastModified": "2023-08-21T09:15:10.280",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and LuxCal Web Calendar prior to 5.2.3L (SQLite version) allows a remote unauthenticated attacker to execute arbitrary queries against the database and obtain or alter the information in it."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN04876736/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.luxsoft.eu/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.luxsoft.eu/?download",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-400xx/CVE-2023-40068.json b/CVE-2023/CVE-2023-400xx/CVE-2023-40068.json
new file mode 100644
index 00000000000..510b3ffa379
--- /dev/null
+++ b/CVE-2023/CVE-2023-400xx/CVE-2023-40068.json
@@ -0,0 +1,32 @@
+{
+  "id": "CVE-2023-40068",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2023-08-21T09:15:10.430",
+  "lastModified": "2023-08-21T09:15:10.430",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-site scripting vulnerability in Advanced Custom Fields versions 6.1.0 to 6.1.7 and Advanced Custom Fields Pro versions 6.1.0 to 6.1.7 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product with the administrative privilege."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN98946408/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://wordpress.org/plugins/advanced-custom-fields/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.advancedcustomfields.com/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.advancedcustomfields.com/blog/acf-6-1-8/",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 7af5f5a5377..bb67b2f8973 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-08-21T08:00:25.490511+00:00
+2023-08-21T10:00:30.422036+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-08-21T07:15:34.127000+00:00
+2023-08-21T09:15:10.430000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,22 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-223047
+223050
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `1`
+Recently added CVEs: `3`
 
-* [CVE-2022-46751](CVE-2022/CVE-2022-467xx/CVE-2022-46751.json) (`2023-08-21T07:15:33.740`)
+* [CVE-2023-39543](CVE-2023/CVE-2023-395xx/CVE-2023-39543.json) (`2023-08-21T09:15:09.433`)
+* [CVE-2023-39939](CVE-2023/CVE-2023-399xx/CVE-2023-39939.json) (`2023-08-21T09:15:10.280`)
+* [CVE-2023-40068](CVE-2023/CVE-2023-400xx/CVE-2023-40068.json) (`2023-08-21T09:15:10.430`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `2`
+Recently modified CVEs: `0`
 
-* [CVE-2023-39851](CVE-2023/CVE-2023-398xx/CVE-2023-39851.json) (`2023-08-21T07:15:33.973`)
-* [CVE-2023-39852](CVE-2023/CVE-2023-398xx/CVE-2023-39852.json) (`2023-08-21T07:15:34.127`)
 
 
 ## Download and Usage