Publish Advisories

GHSA-437p-jfm4-2387 GHSA-6cxv-27r2-fp3m GHSA-6fm3-r6mf-j875 GHSA-j6h5-ggv2-3rfv GHSA-mr4w-7vm9-cgqx GHSA-p4jj-gwpg-9jwh
github · Oct 6, 2023 · c13b5e3 · c13b5e3
1 parent e362ed0
commit c13b5e3
Show file tree

Hide file tree

Showing 6 changed files with 30 additions and 12 deletions.
diff --git a/advisories/github-reviewed/2023/10/GHSA-437p-jfm4-2387/GHSA-437p-jfm4-2387.json b/advisories/github-reviewed/2023/10/GHSA-437p-jfm4-2387/GHSA-437p-jfm4-2387.json
@@ -1,15 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-437p-jfm4-2387",
-  "modified": "2023-10-06T18:42:44Z",
+  "modified": "2023-10-06T23:36:26Z",
   "published": "2023-10-06T15:30:20Z",
   "aliases": [
     "CVE-2023-44766"
   ],
   "summary": "ConcreteCMS Cross-site Scripting vulnerability",
   "details": "A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SEO - Extra from Page Settings.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"
+    }
   ],
   "affected": [
     {

diff --git a/advisories/github-reviewed/2023/10/GHSA-6cxv-27r2-fp3m/GHSA-6cxv-27r2-fp3m.json b/advisories/github-reviewed/2023/10/GHSA-6cxv-27r2-fp3m/GHSA-6cxv-27r2-fp3m.json
@@ -1,15 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6cxv-27r2-fp3m",
-  "modified": "2023-10-06T18:44:38Z",
+  "modified": "2023-10-06T23:36:30Z",
   "published": "2023-10-06T15:30:20Z",
   "aliases": [
     "CVE-2023-44771"
   ],
   "summary": "Zenario CMS Cross-site Scripting vulnerability",
   "details": "A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Page Layout.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"
+    }
   ],
   "affected": [
     {

diff --git a/advisories/github-reviewed/2023/10/GHSA-6fm3-r6mf-j875/GHSA-6fm3-r6mf-j875.json b/advisories/github-reviewed/2023/10/GHSA-6fm3-r6mf-j875/GHSA-6fm3-r6mf-j875.json
@@ -1,15 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6fm3-r6mf-j875",
-  "modified": "2023-10-06T18:41:41Z",
+  "modified": "2023-10-06T23:36:22Z",
   "published": "2023-10-06T15:30:19Z",
   "aliases": [
     "CVE-2023-44762"
   ],
   "summary": "ConcreteCMS Cross-site Scripting vulnerability",
   "details": "A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the Tags from Settings - Tags.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"
+    }
   ],
   "affected": [
     {

diff --git a/advisories/github-reviewed/2023/10/GHSA-j6h5-ggv2-3rfv/GHSA-j6h5-ggv2-3rfv.json b/advisories/github-reviewed/2023/10/GHSA-j6h5-ggv2-3rfv/GHSA-j6h5-ggv2-3rfv.json
@@ -1,15 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-j6h5-ggv2-3rfv",
-  "modified": "2023-10-06T18:42:02Z",
+  "modified": "2023-10-06T23:36:24Z",
   "published": "2023-10-06T15:30:19Z",
   "aliases": [
     "CVE-2023-44764"
   ],
   "summary": "ConcreteCMS Cross-site Scripting vulnerability",
   "details": "A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SITE parameter from installation or in the Settings.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"
+    }
   ],
   "affected": [
     {

diff --git a/advisories/github-reviewed/2023/10/GHSA-mr4w-7vm9-cgqx/GHSA-mr4w-7vm9-cgqx.json b/advisories/github-reviewed/2023/10/GHSA-mr4w-7vm9-cgqx/GHSA-mr4w-7vm9-cgqx.json
@@ -1,15 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-mr4w-7vm9-cgqx",
-  "modified": "2023-10-06T18:43:57Z",
+  "modified": "2023-10-06T23:36:28Z",
   "published": "2023-10-06T15:30:20Z",
   "aliases": [
     "CVE-2023-44770"
   ],
   "summary": "Zenario CMS Cross-site Scripting vulnerability",
   "details": "A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"
+    }
   ],
   "affected": [
     {

diff --git a/advisories/github-reviewed/2023/10/GHSA-p4jj-gwpg-9jwh/GHSA-p4jj-gwpg-9jwh.json b/advisories/github-reviewed/2023/10/GHSA-p4jj-gwpg-9jwh/GHSA-p4jj-gwpg-9jwh.json
@@ -1,15 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-p4jj-gwpg-9jwh",
-  "modified": "2023-10-06T18:41:21Z",
+  "modified": "2023-10-06T23:36:20Z",
   "published": "2023-10-06T15:30:19Z",
   "aliases": [
     "CVE-2023-44761"
   ],
   "summary": "ConcreteCMS Cross-site Scripting vulnerability",
   "details": "Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow a local attacker to execute arbitrary code via a crafted script to the Forms of the Data objects.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"
+    }
   ],
   "affected": [
     {