{"vulnerability": "cve-2023-4493", "sightings": [{"uuid": "cf2049f6-04c9-4dfc-a1b3-26a94f6e5911", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4493", "type": "seen", "source": "https://t.me/cibsecurity/71577", "content": "\u203c CVE-2023-4493 \u203c\n\nStored Cross-Site Scripting in Easy Address Book Web Server 1.6 version, through the users_admin.ghp file that affects multiple parameters such as (firstname, homephone, lastname, lastname, middlename, workaddress, workcity, workcountry, workphone, workstate, workzip). This vulnerability allows a remote attacker to store a malicious JavaScript payload in the application to be executed when the page is loaded, resulting in an integrity impact.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-04T16:12:11.000000Z"}]}