{"vulnerability": "CVE-2023-3186", "sightings": [{"uuid": "8aac7573-0a4b-4101-875f-1547d5a89651", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31860", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2151", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-31860\n\ud83d\udd39 Description: Wuzhi CMS v3.1.2 has a storage type XSS vulnerability in the backend of the Five Finger CMS b2b system.\n\ud83d\udccf Published: 2023-05-23T00:00:00\n\ud83d\udccf Modified: 2025-01-17T16:45:33.887Z\n\ud83d\udd17 References:\n1. https://github.com/wuzhicms/b2b/issues/3", "creation_timestamp": "2025-01-17T16:56:49.000000Z"}, {"uuid": "9b00c3ba-630e-413d-bf74-a682a4a345c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3186", "type": "seen", "source": "https://t.me/cibsecurity/66814", "content": "\u203c CVE-2023-3186 \u203c\n\nThe Popup by Supsystic WordPress plugin before 1.10.19 has a prototype pollution vulnerability that could allow an attacker to inject arbitrary properties into Object.prototype.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-17T18:40:11.000000Z"}, {"uuid": "5b1e0221-871d-44e5-9acb-74aafaead50e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31860", "type": "seen", "source": "https://t.me/cibsecurity/64652", "content": "\u203c CVE-2023-31860 \u203c\n\nWuzhi CMS v3.1.2 has a storage type XSS vulnerability in the backend of the Five Finger CMS b2b system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-24T00:40:25.000000Z"}, {"uuid": "d6fe3d7c-da41-412d-bcfd-76f304c456d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31862", "type": "seen", "source": "https://t.me/cibsecurity/64461", "content": "\u203c CVE-2023-31862 \u203c\n\njizhicms v2.4.6 is vulnerable to Cross Site Scripting (XSS). The content of the article published in the front end is only filtered in the front end, without being filtered in the background, which allows attackers to publish an article containing malicious JavaScript scripts by modifying the request package.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-19T16:33:01.000000Z"}]}