{"vulnerability": "cve-2025-4084", "sightings": [{"uuid": "3b49fc48-4c47-45f3-8e10-246a990e8366", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40846", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lonnt2m4bdj2", "content": "", "creation_timestamp": "2025-05-08T11:29:11.867210Z"}, {"uuid": "5e379132-f347-4583-a75f-da6597366723", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4084", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnxn33kisg2g", "content": "", "creation_timestamp": "2025-04-29T15:50:30.199441Z"}, {"uuid": "5700d72d-79b3-459d-8ff1-33059e972bfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40846", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lonw6awimm24", "content": "", "creation_timestamp": "2025-05-08T12:31:47.261615Z"}, {"uuid": "6e75d1b0-0fc1-4b1b-b8ad-4eacacbfc3db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40843", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m4bssbhdxu2g", "content": "", "creation_timestamp": "2025-10-28T20:52:09.591350Z"}, {"uuid": "5832f3f3-139c-47c1-a499-f23239a1dcdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40846", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15506", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40846\n\ud83d\udd25 CVSS Score: 7.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:L/VA:N/SC:H/SI:H/SA:H/S:P/AU:Y/R:U/RE:L/U:Red)\n\ud83d\udd39 Description: Improper Input Validation, the returnUrl parameter in Account Security Settings lacks proper input validation, allowing attackers to redirect users to malicious websites (Open Redirect) and\u00a0inject JavaScript code to perform cross site scripting attack.\n\nThe vulnerability affects Halo versions up to 2.174.101 and all versions between 2.175.1 and 2.184.21\n\ud83d\udccf Published: 2025-05-08T08:15:06.510Z\n\ud83d\udccf Modified: 2025-05-08T08:15:06.510Z\n\ud83d\udd17 References:\n1. https://support.haloservicedesk.com/kb?id=2501", "creation_timestamp": "2025-05-08T09:23:47.000000Z"}, {"uuid": "87982702-a5f7-41dd-a6e6-ee5a8a9365bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40842", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mhvbm5omzu24", "content": "", "creation_timestamp": "2026-03-25T14:14:53.419096Z"}, {"uuid": "582ac367-2ede-48f5-af39-525817a4488f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40841", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mhvdscayn52z", "content": "", "creation_timestamp": "2026-03-25T14:54:07.036572Z"}, {"uuid": "d57ca3c0-34bf-4b92-845b-6041b92cd106", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40846", "type": "seen", "source": "Telegram/jHnWvNabCg5nBq0cGNPWlFRtdOm-OMSm2hC1QiZZeG_Nzo4", "content": "", "creation_timestamp": "2025-05-08T11:30:59.000000Z"}, {"uuid": "3f5ef8bc-52a4-4651-a1f6-dc736c6ca659", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4084", "type": "seen", "source": "https://t.me/cvedetector/23993", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-4084 - \"Firefox/Thunderbird Escaping Vulnerability (Local Code Execution)\"\", \n  \"Content\": \"CVE ID : CVE-2025-4084 \nPublished : April 29, 2025, 2:15 p.m. | 21\u00a0minutes ago \nDescription : Due to insufficient escaping of the special characters in the \"copy as cURL\" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system.  \n*This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* This vulnerability affects Firefox ESR < 128.10, Firefox ESR < 115.23, and Thunderbird ESR < 128.10. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T16:49:35.000000Z"}, {"uuid": "0f8b06e7-10d7-4058-b80c-5087c62f8581", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40846", "type": "seen", "source": "https://t.me/cvedetector/24815", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-40846 - Halo Open Redirect and Cross Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-40846 \nPublished : May 8, 2025, 9:15 a.m. | 2\u00a0hours, 3\u00a0minutes ago \nDescription : Improper Input Validation, the returnUrl parameter in Account Security Settings lacks proper input validation, allowing attackers to redirect users to malicious websites (Open Redirect) and\u00a0inject JavaScript code to perform cross site scripting attack.  \n  \nThe vulnerability affects Halo versions up to 2.174.101 and all versions between 2.175.1 and 2.184.21 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-08T13:26:03.000000Z"}]}