{"vulnerability": "cve-2024-4889", "sightings": [{"uuid": "4875abb0-4222-4861-95f6-b394879bc3fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48896", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113503690821793409", "content": "", "creation_timestamp": "2024-11-18T11:21:16.530714Z"}, {"uuid": "8ea5e1c9-5621-42f4-8745-ee49d008a880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48898", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113503690849269829", "content": "", "creation_timestamp": "2024-11-18T11:21:17.014372Z"}, {"uuid": "a0c4b055-778d-4291-918b-c03777651e90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48897", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113503690836056547", "content": "", "creation_timestamp": "2024-11-18T11:21:17.228416Z"}, {"uuid": "794c517c-f256-4526-bbb9-551becccee32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48895", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113514131861747760", "content": "", "creation_timestamp": "2024-11-20T07:36:34.589297Z"}, {"uuid": "a512caf0-f4ee-4c65-bd67-e5f83e414612", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48899", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113514874746848442", "content": "", "creation_timestamp": "2024-11-20T10:45:30.016285Z"}, {"uuid": "b6db19fd-33b7-45bb-a055-48b7b1daa9af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48890", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgwyuidj2r", "content": "", "creation_timestamp": "2025-01-14T14:17:52.189761Z"}, {"uuid": "7adb2cd9-6ada-4928-9cac-9a9973bedb15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48893", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgx36hjj2r", "content": "", "creation_timestamp": "2025-01-14T14:17:54.743499Z"}, {"uuid": "5967ed71-3e0d-46f9-8828-1e90372db7a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48890", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827650404483352", "content": "", "creation_timestamp": "2025-01-14T16:28:27.482103Z"}, {"uuid": "c708adb8-7f89-48de-8339-2a29c9710ac1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48893", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827650419786029", "content": "", "creation_timestamp": "2025-01-14T16:28:27.712855Z"}, {"uuid": "8653972c-f593-4a6d-937d-2f8b4f237725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48894", "type": "seen", "source": "https://infosec.place/objects/c64a7470-9214-4b89-81ae-02a9771103e8", "content": "", "creation_timestamp": "2025-12-01T15:30:06.269454Z"}, {"uuid": "aae9f9b3-3259-4bd4-ad89-c6b76fec769b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48899", "type": "seen", "source": "https://t.me/cvedetector/11581", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48899 - Moodle Course Badge Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48899 \nPublished : Nov. 20, 2024, 11:15 a.m. | 38\u00a0minutes ago \nDescription : A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T12:54:05.000000Z"}, {"uuid": "462a52a6-c434-4d79-aa6f-fd0d8ff85537", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48890", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1770", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48890\n\ud83d\udd39 Description: An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiSOAR IMAP connector version 3.5.7 and below may allow an authenticated attacker to execute unauthorized code or commands via a specifically crafted playbook\n\ud83d\udccf Published: 2025-01-14T14:09:50.944Z\n\ud83d\udccf Modified: 2025-01-15T14:55:00.652Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-415", "creation_timestamp": "2025-01-15T15:10:50.000000Z"}, {"uuid": "62912703-7fff-49b5-8d57-f6441413aec9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48893", "type": "seen", "source": "https://t.me/cvedetector/15256", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48893 - FortiSOAR Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-48893 \nPublished : Jan. 14, 2025, 2:15 p.m. | 21\u00a0minutes ago \nDescription : An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiSOAR 7.3.0 through 7.3.3, 7.2.1 through 7.2.2 may allow an authenticated attacker to perform a stored cross site scripting (XSS) attack via the creation of malicious playbook. \nSeverity: 6.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T15:39:39.000000Z"}, {"uuid": "8b26a089-1acf-4794-a35f-b43ecdc8df5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48890", "type": "seen", "source": "https://t.me/cvedetector/15255", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48890 - FortiSOAR OS Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-48890 \nPublished : Jan. 14, 2025, 2:15 p.m. | 21\u00a0minutes ago \nDescription : An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiSOAR IMAP connector version 3.5.7 and below may allow an authenticated attacker to execute unauthorized code or commands via a specifically crafted playbook \nSeverity: 6.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T15:39:39.000000Z"}, {"uuid": "5439151a-15d7-45e0-9323-dc41f72c2260", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48897", "type": "seen", "source": "MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51", "content": "", "creation_timestamp": "2025-09-25T00:36:29.000000Z"}, {"uuid": "dc789bf2-c5ca-49a1-b670-3fda278d0766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48893", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1600", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48893\n\ud83d\udd39 Description: An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiSOAR 7.3.0 through 7.3.3, 7.2.1 through 7.2.2 may allow an authenticated attacker to perform a stored cross site scripting (XSS) attack via the creation of malicious playbook.\n\ud83d\udccf Published: 2025-01-14T14:08:29.839Z\n\ud83d\udccf Modified: 2025-01-14T20:57:27.993Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-405", "creation_timestamp": "2025-01-14T21:10:02.000000Z"}, {"uuid": "e8ad758a-4693-447d-ae60-6602bb09339a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48895", "type": "seen", "source": "https://t.me/cvedetector/11568", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48895 - Rakuten Turbo 5G OS Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-48895 \nPublished : Nov. 20, 2024, 8:15 a.m. | 46\u00a0minutes ago \nDescription : Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in Rakuten Turbo 5G firmware version V1.3.18 and earlier. If this vulnerability is exploited, a remote authenticated attacker may execute an arbitrary OS command. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T10:23:40.000000Z"}, {"uuid": "828fecfd-265c-4e05-9e9c-f6a9fd2a0064", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48898", "type": "seen", "source": "https://t.me/cvedetector/11329", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48898 - Moodle Report Audience Deletion Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-48898 \nPublished : Nov. 18, 2024, 12:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T14:02:34.000000Z"}, {"uuid": "042db408-cb12-4b92-9bb9-2b4f54340594", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48897", "type": "seen", "source": "https://t.me/cvedetector/11328", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48897 - Moodle RSS Feed Permission Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-48897 \nPublished : Nov. 18, 2024, 12:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability was found in Moodle. Additional checks are required to ensure users can only edit or delete RSS feeds that they have permission to modify. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T14:02:34.000000Z"}, {"uuid": "80bc0727-8ea6-4ec2-ad50-91d89a7e73f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48896", "type": "seen", "source": "https://t.me/cvedetector/11326", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48896 - Moodle Profile Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-48896 \nPublished : Nov. 18, 2024, 12:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability was found in Moodle. It is possible for users with the \"send message\" capability to view other users' names that they may not otherwise have access to via an error message in Messaging. Note: The name returned follows the full name format configured on the site. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T14:02:32.000000Z"}, {"uuid": "ac209894-2df4-4800-903f-569eb6ed6bd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48893", "type": "seen", "source": "Telegram/vqeWCmvH-cGWmbEYXFLkYqU_FXvoJsycNAVHUQbAPa15UE9J", "content": "", "creation_timestamp": "2025-02-06T02:40:20.000000Z"}, {"uuid": "0157695c-a1ca-4ed2-bbd6-c133d3ba7e6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48890", "type": "seen", "source": "Telegram/iOL0w_xhGiQpN9Umu6rSOXS7BqlaQewze_NhaWr2_uwA5HJ9", "content": "", "creation_timestamp": "2025-02-06T02:40:20.000000Z"}]}