{"vulnerability": "cve-2023-42808", "sightings": [{"uuid": "6ec998f1-0283-4d44-bd07-45e3f67c6b31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42808", "type": "seen", "source": "https://t.me/cibsecurity/71634", "content": "\u203c CVE-2023-42808 \u203c\n\nCommon Voice is the web app for Mozilla Common Voice, a platform for collecting speech donations in order to create public domain datasets for training voice recognition-related tools. Version 1.88.2 is vulnerable to reflected Cross-Site Scripting given that user-controlled data flows to a path expression (path of a network request). This issue may lead to reflected Cross-Site Scripting (XSS) in the context of Common Voice\u00e2\u20ac\u2122s server origin. As of time of publication, it is unknown whether any patches or workarounds exist.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-05T00:13:28.000000Z"}]}