{"vulnerability": "cve-2024-4835", "sightings": [{"uuid": "313f1609-f4cb-43cc-b0f0-f891dd7a59a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-48357", "type": "seen", "source": null, "content": "", "creation_timestamp": "2024-10-28T20:13:10.883692Z"}, {"uuid": "1260b5c6-27fa-47d3-bb6e-929115168326", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-48356", "type": "seen", "source": null, "content": "", "creation_timestamp": "2024-10-28T20:26:03.784685Z"}, {"uuid": "61ed2c02-9782-4c60-9bb1-9d24dd50bf66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48352", "type": "seen", "source": "https://t.me/itsec_news/4789", "content": "\u200b\u26a1\ufe0f\u041a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430 \u043d\u0430 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u044b: \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Yealink Meeting Server \u0443\u0433\u0440\u043e\u0436\u0430\u0435\u0442 140 \u0441\u0442\u0440\u0430\u043d\u0430\u043c\n\n\ud83d\udcac \u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0438\u0437 Positive Technologies \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-48352 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0432\u0438\u0434\u0435\u043e\u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446-\u0441\u0432\u044f\u0437\u0438 Yealink Meeting Server, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0441\u0435\u0442\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432\u0435\u043d\u0434\u043e\u0440\u043e\u043c \u043f\u043e\u0441\u043b\u0435 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044f \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f, \u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435.\n\n\u041f\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 2024 \u0433\u043e\u0434\u0430 \u043d\u0430\u0441\u0447\u0438\u0442\u044b\u0432\u0430\u043b\u043e\u0441\u044c 461 \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u0441 \u0434\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c \u0432 \u041a\u0438\u0442\u0430\u0435 (64%), \u0420\u043e\u0441\u0441\u0438\u0438 (13%), \u041f\u043e\u043b\u044c\u0448\u0435 (5%), \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 \u0418\u043d\u0434\u043e\u043d\u0435\u0437\u0438\u0438, \u0411\u0440\u0430\u0437\u0438\u043b\u0438\u0438, \u0422\u0430\u0438\u043b\u0430\u043d\u0434\u0435, \u0424\u0438\u043d\u043b\u044f\u043d\u0434\u0438\u0438, \u0418\u0440\u0430\u043d\u0435 \u0438 \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438. \u041f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Yealink \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0441\u0440\u0435\u0434\u0435, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043e\u043f\u0430\u0441\u043d\u044b\u043c\u0438.\n\n\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0447\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u043b\u043e \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432\u043d\u0443\u0442\u0440\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043e\u0448\u0438\u0431\u043a\u0430 \u043c\u043e\u0433\u043b\u0430 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u0441\u0435\u0442\u044c \u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\n\u0412 2024 \u0433\u043e\u0434\u0443 \u044d\u0442\u043e \u0443\u0436\u0435 \u0432\u0442\u043e\u0440\u043e\u0439 \u0441\u043b\u0443\u0447\u0430\u0439 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Yealink Meeting Server. \u0420\u0430\u043d\u0435\u0435 \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430. \u0421\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043e\u0431\u0435\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0443 \u0442\u0438\u043f\u0430 Pre-Auth RCE, \u0447\u0442\u043e \u043f\u043e\u0432\u044b\u0448\u0430\u0435\u0442 \u0440\u0438\u0441\u043a\u0438 \u0434\u043b\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439, \u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0432\u0448\u0438\u0445 \u041f\u041e.\n\n\u0421\u0438\u0441\u0442\u0435\u043c\u044b \u0432\u0438\u0434\u0435\u043e\u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0439, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a Yealink Meeting Server, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0431\u0438\u0437\u043d\u0435\u0441\u0435 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0443 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u0443: \u043e\u043d\u0438 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0442 \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u043e\u043d\u043b\u0430\u0439\u043d-\u0441\u043e\u0432\u0435\u0449\u0430\u043d\u0438\u0439, \u0432\u0435\u0431\u0438\u043d\u0430\u0440\u043e\u0432 \u0438 \u0432\u0438\u0434\u0435\u043e\u0437\u0432\u043e\u043d\u043a\u043e\u0432 \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0443\u0447\u0430\u0441\u0442\u043d\u0438\u043a\u043e\u0432. \u041e\u0434\u043d\u0430\u043a\u043e \u0438\u0445 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0432\u043e \u043c\u043d\u043e\u0433\u043e\u043c \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f. \u041f\u043e\u043c\u0438\u043c\u043e \u0431\u0430\u0437\u043e\u0432\u044b\u0445 \u043c\u0435\u0440, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043f\u0430\u0442\u0447\u0435\u0439, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0432\u0438\u0434\u0435\u043e\u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0439 \u043e\u0442 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0441\u0435\u0442\u0438, \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u0434\u0432\u0443\u0445\u0444\u0430\u043a\u0442\u043e\u0440\u043d\u0443\u044e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0418\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u044b \u0442\u0430\u043a\u043e\u0433\u043e \u0440\u043e\u0434\u0430 \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u0438\u0432\u0430\u044e\u0442 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u044c \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u0430\u0443\u0434\u0438\u0442\u0430 \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u041f\u041e, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0432 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043a\u043e\u0433\u0434\u0430 \u043e\u043d\u043b\u0430\u0439\u043d-\u0441\u043e\u0432\u0435\u0449\u0430\u043d\u0438\u044f \u0441\u0442\u0430\u043b\u0438 \u043d\u0435\u043e\u0442\u044a\u0435\u043c\u043b\u0435\u043c\u043e\u0439 \u0447\u0430\u0441\u0442\u044c\u044e \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-11-21T19:16:51.000000Z"}, {"uuid": "9435e40e-3bee-4592-a154-9ed6f61efd80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48353", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6879", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48353\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Yealink Meeting Server before V26.0.0.67 allows attackers to obtain static key information from a front-end JS file and decrypt the plaintext passwords based on the obtained key information.\n\ud83d\udccf Published: 2024-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-07T20:13:09.930Z\n\ud83d\udd17 References:\n1. https://www.yealink.com/en/trust-center/security-advisories/b1998ab629254ca3", "creation_timestamp": "2025-03-07T20:40:24.000000Z"}, {"uuid": "08e7516c-2b1e-4e4a-9c19-a5088c2d8be3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48359", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8893", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-48359 PoC\nURL\uff1ahttps://github.com/OpenXP-Research/CVE-2024-48359\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-30T14:55:48.000000Z"}, {"uuid": "b65d2b0e-da66-4f2f-a739-72f6a53f3bbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48359", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18213", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48359\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter.\n\ud83d\udccf Published: 2024-10-31T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-12T16:34:54.344Z\n\ud83d\udd17 References:\n1. https://github.com/OpenXP-Research/CVE-2024-48359\n2. https://www.qualitor.com.br/official-security-advisory-cve-2024-48359", "creation_timestamp": "2025-06-12T17:35:16.000000Z"}, {"uuid": "68abdd27-1a1e-4619-839e-4d57788528c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48352", "type": "seen", "source": "https://t.me/cvedetector/9622", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48352 - Yealink Meeting Server Sensitive Data Exposure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48352 \nPublished : Nov. 1, 2024, 5:15 p.m. | 17\u00a0minutes ago \nDescription : Yealink Meeting Server before V26.0.0.67 is vulnerable to sensitive data exposure in the server response via sending HTTP request with enterprise ID. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-01T18:42:03.000000Z"}, {"uuid": "d55aaaf9-fa70-457d-8474-f8077fb1b1ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4835", "type": "seen", "source": "https://t.me/cyberbannews_ir/12080", "content": "\ud83d\udce1 \u06a9\u0634\u0641 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 GitLab\n\n\ud83d\udd3a \u0628\u0647 \u062a\u0627\u0632\u06af\u06cc \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 CVE-2024-4835 \u0648 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 (8.8) \u062f\u0631 GitLab(CE &amp; EE) \u06a9\u0634\u0641 \u0648 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a. \u0637\u0628\u0642 \u0628\u0631\u0631\u0633\u06cc\u200c\u0647\u0627\u06cc \u0635\u0648\u0631\u062a \u06af\u0631\u0641\u062a\u0647 \u0627\u06cc\u0646 \u0646\u0642\u0635 \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc XSS \u0645\u06cc\u200c\u0628\u0627\u0634\u062f. \n\n\ud83d\udd3a\u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u0628\u0627 \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0646\u0642\u0635 \u0628\u0631\u0627\u06cc \u0627\u06cc\u062c\u0627\u062f \u06cc\u06a9 \u0635\u0641\u062d\u0647 \u0645\u062e\u0631\u0628 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u0646\u062f \u0648 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062d\u0633\u0627\u0633 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0631\u0627 \u0628\u0647 \u0633\u0631\u0642\u062a \u0628\u0628\u0631\u0646\u062f.\n\n\ud83d\udd3a\u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0647\u200c\u0637\u0648\u0631 \u062e\u0627\u0635 \u0628\u0631 \u0648\u06cc\u0631\u0627\u06cc\u0634\u06af\u0631 \u06a9\u062f \u062f\u0631 GitLab \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc\u200c\u06af\u0630\u0627\u0631\u062f \u0648 \u0628\u0647 \u0637\u0648\u0631 \u0628\u0627\u0644\u0642\u0648\u0647 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u062d\u0633\u0627\u0628\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u06cc \u0631\u0627 \u062a\u0635\u0627\u062d\u0628 \u06a9\u0646\u0646\u062f.\n\n\ud83d\udd18 \u06af\u0632\u0627\u0631\u0634 \u06a9\u0627\u0645\u0644 \n\n#\u0622\u0633\u06cc\u0628_\u067e\u0630\u06cc\u0631\u06cc \n\n\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\n\ud83e\udda0 @cyberbannews_ir", "creation_timestamp": "2024-05-26T10:25:43.000000Z"}, {"uuid": "8a08afc4-242b-41a1-8a26-aea3a45713c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48353", "type": "seen", "source": "https://t.me/cvedetector/9629", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48353 - Yealink Meeting Server Cryptographic Key Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-48353 \nPublished : Nov. 1, 2024, 6:15 p.m. | 16\u00a0minutes ago \nDescription : Yealink Meeting Server before V26.0.0.67 allows attackers to obtain static key information from a front-end JS file and decrypt the plaintext passwords based on the obtained key information. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-01T19:32:16.000000Z"}, {"uuid": "91acca7f-11dc-4f3f-9744-ecc9fc7c40b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48359", "type": "seen", "source": "https://t.me/cvedetector/9534", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48359 - Qualitor GridValoresPopHidden Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48359 \nPublished : Oct. 31, 2024, 8:15 p.m. | 37\u00a0minutes ago \nDescription : Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-31T21:57:41.000000Z"}, {"uuid": "73b0a7a3-6d19-4098-806b-fb76a76b13f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4835", "type": "seen", "source": "https://t.me/HackingInsights/845", "content": "\u200aCVE-2024-4835: GitLab Fixes Account Takeover Vulnerability\n\nhttps://securityonline.info/cve-2024-4835-gitlab-fixes-account-takeover-vulnerability/", "creation_timestamp": "2024-05-23T19:33:10.000000Z"}, {"uuid": "5cc08164-5962-42c0-92a5-2cc13590ebb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48357", "type": "seen", "source": "https://t.me/cvedetector/9171", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48357 - LyLme Spage SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-48357 \nPublished : Oct. 28, 2024, 8:15 p.m. | 42\u00a0minutes ago \nDescription : LyLme Spage 1.2.0 through 1.6.0 is vulnerable to SQL Injection via /admin/apply.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-28T22:01:24.000000Z"}, {"uuid": "79bd4d29-5e72-401b-8eb6-b521f76f0ba5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48356", "type": "seen", "source": "https://t.me/cvedetector/9188", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48356 - LyLme Spage SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-48356 \nPublished : Oct. 28, 2024, 9:15 p.m. | 32\u00a0minutes ago \nDescription : LyLme Spage &lt;=1.6.0\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-28T22:51:49.000000Z"}, {"uuid": "e2f182c2-d6b7-467b-9bf0-c35f45f63458", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4835", "type": "seen", "source": "https://t.me/HackingInsights/968", "content": "\u200aCVE-2020-17519 in Apache Flink Enters CISA\u2019s KEV Catalog &amp; GitLab Patches XSS Flaw, CVE-2024-4835\n\nhttps://malware.news/t/cve-2020-17519-in-apache-flink-enters-cisa-s-kev-catalog-gitlab-patches-xss-flaw-cve-2024-4835/82307", "creation_timestamp": "2024-05-27T07:08:42.000000Z"}, {"uuid": "89b602bc-69d2-4e68-b5ef-cb9757c85557", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4835", "type": "seen", "source": "https://t.me/breachdetector/534864", "content": "{\n  \"Source\": \"https://exploit.in/\",\n  \"Content\": \"\u041d\u0435 \u0436\u0434\u0438\u0442\u0435, \u043f\u043e\u043a\u0430 \u0432\u0430\u0448 \u0430\u043a\u043a\u0430\u0443\u043d\u0442 \u0432\u0437\u043b\u043e\u043c\u0430\u044e\u0442: CVE-2024-4835 \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u0436\u0434\u043e\u0433\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\", \n  \"author\": \"News Support\",\n  \"Detection Date\": \"27 May 2024\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2024-05-27T14:30:44.000000Z"}]}