{"vulnerability": "CVE-2019-19737", "sightings": [{"uuid": "922228a2-f5e0-4357-a4ba-d2cdaad1b1a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19737", "type": "seen", "source": "https://t.me/ctinow/210618", "content": "https://ift.tt/QUZf7rd\nCVE-2019-19737 | MFScripts YetiShare up to 4.5.3 Session Cookie cross-site request forgery", "creation_timestamp": "2024-03-18T15:16:39.000000Z"}, {"uuid": "f3b02def-07b8-4a7b-b6d0-e5b4dea437cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19737", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mq4uprchhp25", "content": "\ud83d\udccc CVE-2019-19737 - MFScripts YetiShare 3.5.2 through 4.5.3 does not set the SameSite flag on session cookies, allowing the cookie to be sent in cross-site requests and p... https://www.cyberhub.blog/cves/CVE-2019-19737", "creation_timestamp": "2026-07-08T10:07:09.557903Z"}]}