{"vulnerability": "GHSA-HCXX-MP6G-6GR9", "sightings": [{"uuid": "9832a3c1-fff1-406f-a276-e288edab4ca4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "GHSA-HCXX-MP6G-6GR9", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17653", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2018-16153\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations.\n\ud83d\udccf Published: 2023-12-12T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-27T14:35:51.213Z\n\ud83d\udd17 References:\n1. https://www.apereo.org/projects/opencast/news\n2. https://github.com/advisories/GHSA-hcxx-mp6g-6gr9\n3. https://github.com/opencast/opencast/commit/776d5588f39c61eb04c03bb955416c4f77629d51\n4. https://docs.opencast.org/r/10.x/admin/#changelog", "creation_timestamp": "2025-05-27T14:48:50.000000Z"}, {"uuid": "2d10c0ab-b455-4b13-945d-deb75d87cbd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "GHSA-HCXX-MP6G-6GR9", "type": "seen", "source": "https://t.me/arpsyndicate/2244", "content": "#ExploitObserverAlert\n\nGHSA-hcxx-mp6g-6gr9\n\nDESCRIPTION: Exploit Observer has 4 entries related to GHSA-HCXX-MP6G-6GR9. The issue was mostly mitigated before, drastically reducing the risk. See references below for more information.\n\nGHSS: 7.5", "creation_timestamp": "2023-12-29T11:45:54.000000Z"}]}