{"vulnerability": "cve-2023-3752", "sightings": [{"uuid": "89aee63b-343b-44d8-b781-5dcd48ed7042", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37522", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18529", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-37522\n\ud83d\udd25 CVSS Score: 5.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower has missing or insecure tags that could allow an attacker to execute a malicious script on the user's browser. \n\n\ud83d\udccf Published: 2024-01-16T15:59:35.415Z\n\ud83d\udccf Modified: 2025-06-16T19:54:19.639Z\n\ud83d\udd17 References:\n1. https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109754", "creation_timestamp": "2025-06-16T20:37:12.000000Z"}, {"uuid": "28e74a96-5551-468b-9573-ba87a1cd5bf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37527", "type": "seen", "source": "https://t.me/ctinow/192893", "content": "https://ift.tt/7uZcYUp\nCVE-2023-37527 | HCL BigFix Platform up to 9.5.23/10.0.10 Web Reports cross site scripting (KB0110209)", "creation_timestamp": "2024-02-25T14:46:16.000000Z"}, {"uuid": "e7e14d74-bd82-483d-86e0-1c20d7966af1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37528", "type": "seen", "source": "https://t.me/ctinow/192927", "content": "https://ift.tt/9ku0mvg\nCVE-2023-37528 | HCL BigFix Platform up to 9.5.23/10.0.9 Save Report cross site scripting (KB0110209)", "creation_timestamp": "2024-02-25T16:21:47.000000Z"}, {"uuid": "ff2affb9-4dcb-4a6f-8497-c584d9dc01f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37522", "type": "seen", "source": "https://t.me/ctinow/179925", "content": "https://ift.tt/XY7G9Tf\nCVE-2023-37522 | HCL Software BigFix OSD Bare Metal Server WebUI up to 311.19 Remote Code Execution (KB0109754)", "creation_timestamp": "2024-02-06T11:41:07.000000Z"}, {"uuid": "bf487111-b680-412e-8923-66053133ea55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37527", "type": "seen", "source": "https://t.me/ctinow/178257", "content": "https://ift.tt/Sbgfcx6\nCVE-2023-37527", "creation_timestamp": "2024-02-02T20:31:17.000000Z"}, {"uuid": "8bc7627d-2ffb-405b-9cc4-064a4ce2c320", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37521", "type": "seen", "source": "https://t.me/ctinow/179885", "content": "https://ift.tt/T8QCNE1\nCVE-2023-37521 | HCL BigFix OSD Bare Metal Server WebUI up to 311.19 Query String information disclosure (KB0109754)", "creation_timestamp": "2024-02-06T10:41:42.000000Z"}, {"uuid": "a310602d-a548-495f-905f-20ec63b3a384", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37523", "type": "seen", "source": "https://t.me/ctinow/180113", "content": "https://ift.tt/uzsHPAa\nCVE-2023-37523 | HCL BigFix OSD Bare Metal Server WebUI up to 311.19 cross site scripting (KB0109754)", "creation_timestamp": "2024-02-06T16:42:02.000000Z"}, {"uuid": "d9921953-2765-4203-9bde-61fd5dbc9e5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37522", "type": "seen", "source": "https://t.me/ctinow/168908", "content": "https://ift.tt/JwM1OLG\nCVE-2023-37522", "creation_timestamp": "2024-01-16T17:27:15.000000Z"}, {"uuid": "909c7ceb-9241-42ae-bc4d-0af8a12cc69b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37528", "type": "seen", "source": "https://t.me/ctinow/178407", "content": "https://ift.tt/QJEAIF9\nCVE-2023-37528", "creation_timestamp": "2024-02-03T07:26:12.000000Z"}, {"uuid": "1af4e76e-2d7e-485b-8f22-887056306032", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37521", "type": "seen", "source": "https://t.me/ctinow/168907", "content": "https://ift.tt/3NKetDS\nCVE-2023-37521", "creation_timestamp": "2024-01-16T17:27:12.000000Z"}, {"uuid": "dcd4b4d0-5111-4574-aa29-a6a6bfa8e295", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3752", "type": "seen", "source": "https://t.me/cibsecurity/66985", "content": "\u203c CVE-2023-3752 \u203c\n\nA vulnerability was found in Creativeitem Academy LMS 5.15. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /home/courses. The manipulation of the argument sort_by leads to cross site scripting. The attack may be launched remotely. VDB-234422 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-19T07:24:57.000000Z"}, {"uuid": "6e5c29f5-21df-4c42-ba94-d16b215aa126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37520", "type": "seen", "source": "https://t.me/ctinow/158068", "content": "https://ift.tt/bv1xiO3\nCVE-2023-37520", "creation_timestamp": "2023-12-22T00:22:15.000000Z"}]}