{"vulnerability": "cve-2024-4512", "sightings": [{"uuid": "9075b172-4b20-467c-b13d-f64be9047083", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45123", "type": "seen", "source": "https://t.me/cvedetector/7589", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45123 - Adobe Commerce Reflected Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45123 \nPublished : Oct. 10, 2024, 10:15 a.m. | 39\u00a0minutes ago \nDescription : Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-10T13:24:53.000000Z"}, {"uuid": "5753d443-9fd6-4c11-9f2a-b8a673e8fa6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45122", "type": "seen", "source": "https://t.me/cvedetector/7588", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45122 - Adobe Commerce Improper Access Control Feature Bypass vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45122 \nPublished : Oct. 10, 2024, 10:15 a.m. | 39\u00a0minutes ago \nDescription : Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-10T13:24:49.000000Z"}, {"uuid": "f3f43ddd-720f-40d0-9527-157082d8d388", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45128", "type": "seen", "source": "https://t.me/cvedetector/7587", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45128 - Adobe Commerce Improper Authorization Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45128 \nPublished : Oct. 10, 2024, 10:15 a.m. | 39\u00a0minutes ago \nDescription : Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity and availability. Exploitation of this issue does not require user interaction. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-10T13:24:48.000000Z"}, {"uuid": "6fcf039f-2429-496e-bf09-c715d30bbed0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45127", "type": "seen", "source": "https://t.me/cvedetector/7586", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45127 - Adobe Commerce Stored Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45127 \nPublished : Oct. 10, 2024, 10:15 a.m. | 39\u00a0minutes ago \nDescription : Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-10T13:24:47.000000Z"}, {"uuid": "5278ed5d-a684-49bb-929a-0225b27b8787", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45129", "type": "seen", "source": "https://t.me/cvedetector/7583", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45129 - Adobe Commerce Improper Access Control Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-45129 \nPublished : Oct. 10, 2024, 10:15 a.m. | 39\u00a0minutes ago \nDescription : Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-10T13:24:42.000000Z"}, {"uuid": "3a4857f5-6253-4366-95bf-59b83507d851", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45125", "type": "seen", "source": "https://t.me/cvedetector/7591", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45125 - Adobe Commerce Incorrect Authorization Security Feature Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-45125 \nPublished : Oct. 10, 2024, 10:15 a.m. | 39\u00a0minutes ago \nDescription : Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to have a low impact on integrity. Exploitation of this issue does not require user interaction. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-10T13:24:54.000000Z"}, {"uuid": "27e43248-987f-46d1-b271-99370bd79c94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45124", "type": "seen", "source": "https://t.me/cvedetector/7590", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45124 - Adobe Commerce Improper Access Control Feature Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-45124 \nPublished : Oct. 10, 2024, 10:15 a.m. | 39\u00a0minutes ago \nDescription : Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-10T13:24:53.000000Z"}]}