{"vulnerability": "cve-2023-3971", "sightings": [{"uuid": "d0f6e90b-ae15-4f4c-80ef-fa9e00d56bc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39710", "type": "seen", "source": "https://t.me/cibsecurity/69651", "content": "\u203c CVE-2023-39710 \u203c\n\nMultiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Customer section.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-01T18:13:53.000000Z"}, {"uuid": "3fa3798d-715a-4c93-8cad-e3a40f8c10df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3971", "type": "seen", "source": "https://t.me/cibsecurity/71590", "content": "\u203c CVE-2023-3971 \u203c\n\nAn HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-04T18:12:25.000000Z"}, {"uuid": "d70370cd-cb2f-4842-9629-1d4f9503d685", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39712", "type": "seen", "source": "https://t.me/cibsecurity/70165", "content": "\u203c CVE-2023-39712 \u203c\n\nMultiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Put section.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-09T01:20:25.000000Z"}, {"uuid": "5b073a7f-60dc-420c-ac75-23b579265794", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39711", "type": "seen", "source": "https://t.me/cibsecurity/70079", "content": "\u203c CVE-2023-39711 \u203c\n\nMultiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Subtotal and Paidbill parameters under the Add New Put section.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-07T18:18:45.000000Z"}, {"uuid": "7fee524b-6d42-429c-9916-0c9308a256de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39714", "type": "seen", "source": "https://t.me/cibsecurity/69684", "content": "\u203c CVE-2023-39714 \u203c\n\nMultiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Member section.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-01T22:14:03.000000Z"}]}