{"vulnerability": "cve-2023-3753", "sightings": [{"uuid": "b1819e73-2bcd-4035-9235-e63f379875fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37535", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo37eyyd6h2h", "content": "", "creation_timestamp": "2025-05-01T01:56:05.922176Z"}, {"uuid": "898df881-32c1-4f3e-9d95-764043a6d368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37534", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13280", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-37534\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N)\n\ud83d\udd39 Description: Insufficient URI protocol whitelist in HCL Leap\nallows script injection through query parameters.\n\ud83d\udccf Published: 2025-04-24T16:27:14.488Z\n\ud83d\udccf Modified: 2025-04-24T16:27:14.488Z\n\ud83d\udd17 References:\n1. 
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119900", "creation_timestamp": "2025-04-24T17:06:31.000000Z"}, {"uuid": "9e209ca1-3326-4b58-8156-ffbcf2218576", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37535", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14186", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-37535\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N)\n\ud83d\udd39 Description: Insufficient URI protocol whitelist in HCL Domino Volt and Domino Leap\nallow script injection through query parameters.\n\ud83d\udccf Published: 2025-04-30T21:12:38.618Z\n\ud83d\udccf Modified: 2025-04-30T21:12:38.618Z\n\ud83d\udd17 References:\n1. https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120722", "creation_timestamp": "2025-04-30T22:14:23.000000Z"}, {"uuid": "b7cb891c-b17b-4a78-a3f0-64be78864421", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37534", "type": "seen", "source": "https://t.me/cvedetector/23702", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-37534 - HCL Leap URI Protocol Whitelist Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-37534 \nPublished : April 24, 2025, 5:15 p.m. | 1\u00a0hour, 17\u00a0minutes ago \nDescription : Insufficient URI protocol whitelist in HCL Leap  \nallows script injection through query parameters. 
\nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-24T20:35:39.000000Z"}, {"uuid": "eb7ecb34-b3eb-49f5-a51c-21ee7630f261", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37535", "type": "seen", "source": "https://t.me/cvedetector/24166", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-37535 - HCL Domino Volt and Domino Leap Unvalidated Request Parameter Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-37535 \nPublished : April 30, 2025, 10:15 p.m. | 1\u00a0hour, 52\u00a0minutes ago \nDescription : Insufficient URI protocol whitelist in HCL Domino Volt and Domino Leap  \nallow script injection through query parameters. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T02:17:24.000000Z"}, {"uuid": "da9af64c-780a-4b23-8574-8409e1195803", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37537", "type": "seen", "source": "https://t.me/cibsecurity/72433", "content": "\u203c CVE-2023-37537 \u203c\n\nAn unquoted service path vulnerability in HCL AppScan Presence, deployed as a Windows service in HCL AppScan on Cloud (ASoC), may allow a local attacker to gain elevated privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T18:33:03.000000Z"}, {"uuid": "3c223c0d-2714-4393-8bf6-3b3689e4460b", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37536", "type": "seen", "source": "https://t.me/ctinow/180656", "content": "https://ift.tt/yiW24CN\nCVE-2023-37536 | Oracle Communications IP Service Activator 7.4.0/7.5.0 PolicyServer integer overflow", "creation_timestamp": "2024-02-07T12:11:51.000000Z"}, {"uuid": "f1b99d7b-b48e-4b3c-bda1-4ed530ab5280", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37536", "type": "seen", "source": "https://t.me/ctinow/180576", "content": "https://ift.tt/h2ZIur6\nCVE-2023-37536 | Oracle Communications Network Charging and Control up to 12.0.6.0.0/6.0.1.0.0 Common Functions integer overflow", "creation_timestamp": "2024-02-07T09:11:07.000000Z"}, {"uuid": "b2d34249-0324-4302-9810-4272c7392486", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37536", "type": "seen", "source": "https://t.me/ctinow/180575", "content": "https://ift.tt/9yeqZ7f\nCVE-2023-37536 | Oracle Communications MetaSolv Solution 6.3.1.0.0 UI General integer overflow", "creation_timestamp": "2024-02-07T09:11:05.000000Z"}, {"uuid": "01eea325-6de2-48f7-b5b2-ee405def5db4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37536", "type": "seen", "source": "https://t.me/ctinow/180571", "content": "https://ift.tt/Sbm1Zj9\nCVE-2023-37536 | Oracle Communications Convergent Charging Controller up to 12.0.6.0.0/6.0.1.0.0 Common Functions Privilege Escalation", "creation_timestamp": "2024-02-07T08:41:46.000000Z"}, {"uuid": "f261ff04-6d21-4cb7-ac38-195e296b18eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37536", 
"type": "seen", "source": "https://t.me/ctinow/180570", "content": "https://ift.tt/NWBSlV1\nCVE-2023-37536 | Oracle Communications Billing and Revenue Management up to 12.0.0.8.0/15.0.0.0.0 Platform integer overflow", "creation_timestamp": "2024-02-07T08:41:45.000000Z"}, {"uuid": "1fe0b3cf-4e93-4942-8bd3-aded7c76421d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37536", "type": "seen", "source": "https://t.me/ctinow/180569", "content": "https://ift.tt/xhurH9O\nCVE-2023-37536 | Oracle Communications ASAP 7.4 Security integer overflow", "creation_timestamp": "2024-02-07T08:41:44.000000Z"}, {"uuid": "ccddeacd-c375-4d6d-9511-18f9948096b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37536", "type": "seen", "source": "https://t.me/ctinow/180737", "content": "https://ift.tt/TAEKjwn\nCVE-2023-37536 | Oracle Communications Diameter Signaling Router 8.6.0.0 Platform Privilege Escalation", "creation_timestamp": "2024-02-07T15:17:03.000000Z"}, {"uuid": "f3f2a401-23ea-48be-85e3-991df6eaf52c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37536", "type": "seen", "source": "https://t.me/cibsecurity/72064", "content": "\u203c CVE-2023-37536 \u203c\n\nAn integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-11T12:17:18.000000Z"}, {"uuid": "8a9b649b-0afc-4a31-b94d-b600fb99f500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37538", "type": "seen", "source": "https://t.me/cibsecurity/72092", "content": "\u203c 
CVE-2023-37538 \u203c\n\nHCL Digital Experience is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, other web site).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-11T16:22:43.000000Z"}, {"uuid": "8fbde6d8-30d3-46b5-9a14-cb9379044700", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3753", "type": "seen", "source": "https://t.me/cibsecurity/66991", "content": "\u203c CVE-2023-3753 \u203c\n\nA vulnerability classified as problematic has been found in Creativeitem Mastery LMS 1.2. This affects an unknown part of the file /browse. The manipulation of the argument search/featured/recommended/skill leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-234423. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-19T07:25:05.000000Z"}]}