{"vulnerability": "cve-2024-2597", "sightings": [{"uuid": "8c3f39ab-ad67-4bdf-9667-82c358c8e800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25973", "type": "seen", "source": "https://t.me/arpsyndicate/3698", "content": "#ExploitObserverAlert\n\nCVE-2024-25973\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25973. The Frentix GmbH OpenOlat LMS is affected by multiple stored Cross-Site Scripting (XSS) vulnerabilities.\u00a0An attacker with rights to create or edit groups can create a course with a name that contains an XSS payload. Furthermore, attackers with the permissions to create or rename a catalog (sub-category) can enter unfiltered input in the name field. In addition, attackers who are allowed to create curriculums can also enter unfiltered input in the name field. This allows an attacker to execute stored JavaScript code with the permissions of the victim in the context of the user's browser.", "creation_timestamp": "2024-02-21T06:50:56.000000Z"}, {"uuid": "ca75a8d7-9824-40d4-90f1-687554ac1ba0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25973", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4120", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-25973\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2024-02-20T08:15:07.717\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. http://seclists.org/fulldisclosure/2024/Feb/23\n2. https://r.sec-consult.com/openolat\n3. http://seclists.org/fulldisclosure/2024/Feb/23\n4. 
https://r.sec-consult.com/openolat", "creation_timestamp": "2025-02-12T19:08:25.000000Z"}, {"uuid": "06c4bf4a-4d96-4298-991b-f4649679cf83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25973", "type": "seen", "source": "Telegram/fxSMwfJrf6S5nKHlXoysLDc7rAh16FbgGhFXsfAqng_Qi934", "content": "", "creation_timestamp": "2025-02-14T10:05:09.000000Z"}, {"uuid": "beecfcf8-b3dc-4757-968e-0a2a3242585c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25978", "type": "seen", "source": "https://t.me/arpsyndicate/3656", "content": "#ExploitObserverAlert\n\nCVE-2024-25978\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25978. Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality.", "creation_timestamp": "2024-02-20T18:23:55.000000Z"}, {"uuid": "bf6ec06d-25ed-489e-9388-9b75486b4e8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25976", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7852", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-25976\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: When LDAP authentication is activated in the configuration it is possible to obtain reflected XSS execution by creating a custom URL that the victim only needs to open in order to execute arbitrary JavaScript code in the victim's browser. This is due to a fault in the file login.php where the content of \"$_SERVER['PHP_SELF']\" is reflected into the HTML of the website. 
Hence the attacker does not need a valid account in order to exploit this issue.\n\ud83d\udccf Published: 2024-05-29T12:22:46.526Z\n\ud83d\udccf Modified: 2025-03-17T20:39:15.968Z\n\ud83d\udd17 References:\n1. https://r.sec-consult.com/hawki\n2. https://github.com/HAWK-Digital-Environments/HAWKI/commit/146967f3148e92d1640ffebc21d8914e2d7fb3f1\n3. http://seclists.org/fulldisclosure/2024/May/34", "creation_timestamp": "2025-03-17T20:47:08.000000Z"}, {"uuid": "b3ae050d-deee-4ac3-aaf0-0053568dcdcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25979", "type": "seen", "source": "https://t.me/arpsyndicate/3670", "content": "#ExploitObserverAlert\n\nCVE-2024-25979\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25979. The URL parameters accepted by forum search were not limited to the allowed parameters.", "creation_timestamp": "2024-02-20T18:47:03.000000Z"}, {"uuid": "66e194ef-2228-4495-bf3d-6aa8f4c12517", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25979", "type": "seen", "source": "https://t.me/ctinow/203234", "content": "https://ift.tt/MrRHjCv\nCVE-2024-25979 | Moodle prior 4.3.3/4.1.9 Forum Search parameters (FEDORA-2024-d2f180202f)", "creation_timestamp": "2024-03-08T11:51:32.000000Z"}, {"uuid": "a631d7b0-963d-4eb4-b952-657343d0f703", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25974", "type": "seen", "source": "https://t.me/arpsyndicate/3743", "content": "#ExploitObserverAlert\n\nCVE-2024-25974\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25974. 
The Frentix GmbH OpenOlat LMS is affected by a stored Cross-Site Scripting (XSS) vulnerability.\u00a0It is possible to upload files within the Media Center of OpenOlat version 18.1.5 (or lower) as an authenticated user without any other rights. Although the filetypes are limited, an SVG image containing an XSS payload can be uploaded.\u00a0After a successful upload the file can be shared with groups of users (including admins) who can be attacked with the JavaScript payload.", "creation_timestamp": "2024-02-21T07:46:41.000000Z"}, {"uuid": "d60ad27c-a5f2-4c9c-85a8-95c3759ae8d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2597", "type": "seen", "source": "https://t.me/ctinow/210646", "content": "https://ift.tt/RuhYMWK\nCVE-2024-2597", "creation_timestamp": "2024-03-18T15:26:40.000000Z"}, {"uuid": "1854f8bc-1a9d-4d8f-a4f5-36fa50c6bf52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25978", "type": "seen", "source": "https://t.me/ctinow/203250", "content": "https://ift.tt/hm8s7Qx\nCVE-2024-25978 | Moodle prior 4.3.3/4.1.9 File Picker resource consumption (FEDORA-2024-d2f180202f)", "creation_timestamp": "2024-03-08T12:27:16.000000Z"}, {"uuid": "9f80ac41-cb6b-42ea-a701-fef625228399", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25973", "type": "seen", "source": "https://t.me/ctinow/188246", "content": "https://ift.tt/Wh76in2\nCVE-2024-25973", "creation_timestamp": "2024-02-20T09:26:07.000000Z"}, {"uuid": "642d33b7-c8e2-46dc-812c-2373440a449d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25972", "type": "seen", "source": "https://t.me/ctinow/197509", "content": 
"https://ift.tt/x8cQWiY\nCVE-2024-25972", "creation_timestamp": "2024-03-01T11:26:42.000000Z"}, {"uuid": "45b82efb-59c5-4fc0-9373-e26ae6265094", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25972", "type": "seen", "source": "https://t.me/ctinow/197511", "content": "https://ift.tt/x8cQWiY\nCVE-2024-25972", "creation_timestamp": "2024-03-01T11:31:58.000000Z"}, {"uuid": "e8821736-369e-4670-811a-99e33f22d70b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25974", "type": "seen", "source": "https://t.me/ctinow/188250", "content": "https://ift.tt/qtX5A2V\nCVE-2024-25974", "creation_timestamp": "2024-02-20T09:31:46.000000Z"}, {"uuid": "aa6520f7-a6ea-4f66-b342-9dc746973508", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25973", "type": "seen", "source": "https://t.me/ctinow/188249", "content": "https://ift.tt/Wh76in2\nCVE-2024-25973", "creation_timestamp": "2024-02-20T09:31:45.000000Z"}, {"uuid": "4602adc8-958a-4086-a772-f815d7d3cf01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25979", "type": "seen", "source": "https://t.me/ctinow/187855", "content": "https://ift.tt/pqrXAV8\nCVE-2024-25979", "creation_timestamp": "2024-02-19T18:26:47.000000Z"}, {"uuid": "74fa43f6-3bd8-4300-96a3-c26500ea85ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25978", "type": "seen", "source": "https://t.me/ctinow/187854", "content": "https://ift.tt/0EoTk3H\nCVE-2024-25978", "creation_timestamp": "2024-02-19T18:26:46.000000Z"}, {"uuid": "56bb8045-a271-4fe5-801a-c19580cba411", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25979", "type": "seen", "source": "https://t.me/ctinow/187862", "content": "https://ift.tt/pqrXAV8\nCVE-2024-25979", "creation_timestamp": "2024-02-19T18:26:55.000000Z"}, {"uuid": "d631f8b0-001b-43a8-90f4-143ed9527497", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25978", "type": "seen", "source": "https://t.me/ctinow/187861", "content": "https://ift.tt/0EoTk3H\nCVE-2024-25978", "creation_timestamp": "2024-02-19T18:26:54.000000Z"}]}