{"vulnerability": "CVE-2023-4035", "sightings": [{"uuid": "6ca1618d-049c-4b29-b5fa-28b4b05f53fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40355", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18642", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-40355\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Cross Site Scripting (XSS) vulnerability in Axigen versions 10.3.3.0 before 10.3.3.59, 10.4.0 before 10.4.19, and 10.5.0 before 10.5.5, allows authenticated attackers to execute arbitrary code and obtain sensitive information via the logic for switching between the Standard and Ajax versions.\n\ud83d\udccf Published: 2024-02-07T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-17T17:04:11.842Z\n\ud83d\udd17 References:\n1. https://www.axigen.com/knowledgebase/Axigen-WebMail-XSS-Vulnerability-CVE-2023-40355-_396.html", "creation_timestamp": "2025-06-17T17:42:23.000000Z"}, {"uuid": "2bfc66e1-daf9-4489-9fff-b5690d862828", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40350", "type": "seen", "source": "https://t.me/kasperskyb2b/826", "content": "\ud83d\ude35\u200d\ud83d\udcab Jenkins \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c \u043e 15 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0432 13 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u043f\u043b\u0430\u0433\u0438\u043d\u0430\u0445, 4 \u0438\u0437 \u043d\u0438\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435. \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f 9 \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445. \u0410 \u0432\u043e\u0442 \u0430\u0432\u0442\u043e\u0440\u044b \u0435\u0449\u0451 \u0447\u0435\u0442\u044b\u0440\u0451\u0445 \u043c\u043e\u0434\u0443\u043b\u0435\u0439 \u0442\u0430\u043a \u0438 \u043d\u0435 \u0440\u0430\u0437\u0440\u043e\u0434\u0438\u043b\u0438\u0441\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043d\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f CVE-2023-40350 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 Docker Swarm.\n\n\u0411\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b: Blue Ocean, Config File Provider, Delphix, Flaky Test Handler, Folders, Fortify, NodeJS, Shortcut Job, Tuleap Authentication.\n \n\u041d\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439: Docker Swarm, Favorite View, Gogs, Maven Artifact ChoiceListProvider (Nexus).\n\n\u0412\u0441\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430\u0439\u0434\u0435\u043d\u044b \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c\u0438 \u043f\u043e\u043a\u0430 \u0432\u0440\u043e\u0434\u0435 \u0431\u044b \u043d\u0435 \u0431\u044b\u043b\u043e. \n\n\u041f\u0440\u0438\u044f\u0442\u043d\u043e, \u0447\u0442\u043e Jenkins \u0437\u0430\u043d\u0438\u043c\u0430\u0435\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u0443\u044e \u043f\u043e\u0437\u0438\u0446\u0438\u044e \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0432\u043e\u0435\u0439 \u044d\u043a\u043e\u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0430\u0432\u0442\u043e\u0440\u0430\u043c \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432 \u0441 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0435\u0439 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0438 \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c. \u0425\u043e\u0440\u043e\u0448\u043e \u0431\u044b \u0443 Wordpress \u0438 Chrome \u0431\u044b\u043b\u043e \u0442\u0430\u043a \ud83d\ude14\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-08-22T08:40:26.000000Z"}, {"uuid": "09b8cca9-15cd-480e-8012-e12886f0faf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40356", "type": "seen", "source": "https://t.me/cvedetector/384", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-40356 - PingOne MFA Integration Kit contains a vulnerabili\", \n  \"Content\": \"CVE ID : CVE-2023-40356 \nPublished : July 9, 2024, 4:15 p.m. | 37\u00a0minutes ago \nDescription : PingOne MFA Integration Kit contains a vulnerability related to the Prompt Users to Set Up MFA configuration. Under certain conditions, this configuration could allow for a new MFA device to be paired with a target user account without requiring second-factor authentication from the target\u2019s existing registered devices. A threat actor might be able to exploit this vulnerability to register their own MFA device with a target user\u2019s account if they have existing knowledge of the target user\u2019s first factor credential. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T18:58:12.000000Z"}, {"uuid": "fe8f0e74-8ac7-4ca9-b909-640524e5f542", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40355", "type": "published-proof-of-concept", "source": "Telegram/8pn_YRmKLZATHaktlC2g4-yIAsXhLO6iahHWEbmhAMZXmVE", "content": "", "creation_timestamp": "2025-05-01T23:00:06.000000Z"}, {"uuid": "40834898-9be8-4b21-a66c-7ff95ee25061", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40355", "type": "seen", "source": "https://t.me/ctinow/197859", "content": "https://ift.tt/B5cvAn0\nCVE-2023-40355 | Axigen up to 10.3.3.58/10.4.18/10.5.4 cross site scripting", "creation_timestamp": "2024-03-01T18:21:32.000000Z"}, {"uuid": "61206df1-d555-4ad4-878d-9e58299cf6ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40355", "type": "seen", "source": "https://t.me/ctinow/180584", "content": "https://ift.tt/KsUvETZ\nCVE-2023-40355", "creation_timestamp": "2024-02-07T09:31:20.000000Z"}, {"uuid": "f63c2ebd-9a0b-4e08-964f-065f5600bb6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40353", "type": "seen", "source": "https://t.me/cibsecurity/70122", "content": "\u203c CVE-2023-40353 \u203c\n\nAn issue was discovered in Exynos Mobile Processor 980 and 2100. An integer overflow at a buffer index can prevent the execution of requested services via a crafted application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-08T07:19:14.000000Z"}, {"uuid": "f2920da7-d939-4ddd-a1ca-ce5e148b127c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40357", "type": "seen", "source": "https://t.me/cibsecurity/69990", "content": "\u203c CVE-2023-40357 \u203c\n\nMultiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX50 firmware versions prior to 'Archer AX50(JP)_V1_230529', Archer A10 firmware versions prior to 'Archer A10(JP)_V2_230504', Archer AX10 firmware versions prior to 'Archer AX10(JP)_V1.2_230508', and Archer AX11000 firmware versions prior to 'Archer AX11000(JP)_V1_230523'.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-06T14:17:54.000000Z"}, {"uuid": "e468d22a-6e2b-44fc-9d14-f70a3bf3729d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4035", "type": "seen", "source": "https://t.me/cibsecurity/69456", "content": "\u203c CVE-2023-4035 \u203c\n\nThe Simple Blog Card WordPress plugin before 1.31 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-30T18:12:48.000000Z"}, {"uuid": "6c09f6b2-f59c-484f-9d9a-31baf4f0f086", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40352", "type": "seen", "source": "https://t.me/cibsecurity/68908", "content": "\u203c CVE-2023-40352 \u203c\n\nMcAfee Safe Connect before 2.16.1.126 may allow an adversary with system privileges to achieve privilege escalation by loading arbitrary DLLs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-21T22:41:32.000000Z"}, {"uuid": "bfe1d86f-8584-40e8-982c-6b0bbe75c67d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40350", "type": "seen", "source": "https://t.me/cibsecurity/68658", "content": "\u203c CVE-2023-40350 \u203c\n\nJenkins Docker Swarm Plugin 1.11 and earlier does not escape values returned from Docker before inserting them into the Docker Swarm Dashboard view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control responses from Docker.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T18:49:48.000000Z"}, {"uuid": "964377de-8ceb-458c-ae7e-b9e168e06705", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40351", "type": "seen", "source": "https://t.me/cibsecurity/68649", "content": "\u203c CVE-2023-40351 \u203c\n\nA cross-site request forgery (CSRF) vulnerability in Jenkins Favorite View Plugin 5.v77a_37f62782d and earlier allows attackers to add or remove views from another user's favorite views tab bar.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T18:49:39.000000Z"}, {"uuid": "3d5a88de-0325-45f4-8a37-84a2561c08d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40354", "type": "seen", "source": "https://t.me/cibsecurity/68455", "content": "\u203c CVE-2023-40354 \u203c\n\nAn issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a \"maxctrl create service\" command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are 2.5.28, 6.4.9, 22.08.8, and 23.02.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-14T20:19:30.000000Z"}, {"uuid": "02ca287d-507b-48c9-86c6-8595b515359b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40359", "type": "seen", "source": "https://t.me/cibsecurity/68452", "content": "\u203c CVE-2023-40359 \u203c\n\nxterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e., neither alphanumeric nor underscore), aka a pointer/overflow issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-14T20:19:27.000000Z"}, {"uuid": "40869b27-0711-444d-8305-4b01321d4e25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40359", "type": "seen", "source": "https://t.me/cultofwire/1098", "content": "ANSI Terminal security in 2023 and finding 10 CVEs.\n\n\u041a\u0440\u0443\u0442\u043e\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043e\u0442 \u0414\u044d\u0432\u0438\u0434\u0430 \u041b\u0438\u0434\u0431\u0435\u0439\u0442\u0430 \u043f\u043e \u043f\u043e\u0438\u0441\u043a\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u044d\u043c\u0443\u043b\u044f\u0442\u043e\u0440\u0430\u0445 \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b\u043e\u0432 \u0441 \u0430\u043a\u0446\u0435\u043d\u0442\u043e\u043c \u043d\u0430 \u041f\u041e \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u043a\u043e\u0434\u043e\u043c. \u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e 10 CVE \u0434\u043b\u044f \u044d\u043c\u0443\u043b\u044f\u0442\u043e\u0440\u043e\u0432 \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 (Remote Code Execution, RCE), \u0430 \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438.\n\n\u041c\u0435\u043d\u0435\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u0437\u0434\u0435\u0441\u044c: \nThe Terminal Escapes: Engineering unexpected execution from command line interfaces\n\n\u041d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 CVE \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u044d\u043c\u0443\u043b\u044f\u0442\u043e\u0440\u0430\u0445 \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b\u0430:\n- CVE-2022-45872 - iTerm2 DECRQSS\n- CVE-2022-44702 - Windows Terminal + WSL working directory\n- CVE-2022-47583 - mintty DECRQSS\n- CVE-2022-45063 - xterm OSC 50\n- CVE-2022-46387 - ConEmu Title\n- CVE-2023-39150 - ConEmu Title Take 2\n- CVE-2022-4170  - rxvt-unicode background\n- CVE-2022-23465 - SwiftTerm DECRQSS\n- CVE-2022-46663 - less OSC 8\n- CVE-2023-39726 - mintty OSC 50\n- CVE-2023-40359 - xterm ReGIS\n- CVE-2023-40216 - OpenBSD wscons parameter overflow", "creation_timestamp": "2023-11-08T13:02:31.000000Z"}]}