From beaa6d4762a00191944b27bd76aca15d420437e7 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 2 Jan 2025 00:21:14 +0000 Subject: [PATCH] generated content from 2025-01-02 --- mapping.csv | 2 ++ ...-7f5ca5a4-8fd0-44b1-8af8-33f2f1891e5e.json | 22 +++++++++++++++++++ ...-9449d398-42ae-4e60-84f3-e55585ed7a51.json | 22 +++++++++++++++++++ 3 files changed, 46 insertions(+) create mode 100644 objects/vulnerability/vulnerability--7f5ca5a4-8fd0-44b1-8af8-33f2f1891e5e.json create mode 100644 objects/vulnerability/vulnerability--9449d398-42ae-4e60-84f3-e55585ed7a51.json diff --git a/mapping.csv b/mapping.csv index 8d946f6073..29a0badf74 100644 --- a/mapping.csv +++ b/mapping.csv @@ -261640,3 +261640,5 @@ vulnerability,CVE-2023-48775,vulnerability--aadd52c1-537c-408d-b3c5-dee1c87169d4 vulnerability,CVE-2023-50850,vulnerability--9d3f653c-9de7-4b2f-b197-dfb67eef11dd vulnerability,CVE-2023-6603,vulnerability--459e21aa-3368-4fac-a8fa-b50b70276f28 vulnerability,CVE-2023-6602,vulnerability--b99108e7-3680-42eb-a7fd-cc4d576f5776 +vulnerability,CVE-2024-11846,vulnerability--7f5ca5a4-8fd0-44b1-8af8-33f2f1891e5e +vulnerability,CVE-2025-0168,vulnerability--9449d398-42ae-4e60-84f3-e55585ed7a51 diff --git a/objects/vulnerability/vulnerability--7f5ca5a4-8fd0-44b1-8af8-33f2f1891e5e.json b/objects/vulnerability/vulnerability--7f5ca5a4-8fd0-44b1-8af8-33f2f1891e5e.json new file mode 100644 index 0000000000..63a7837cd0 --- /dev/null +++ b/objects/vulnerability/vulnerability--7f5ca5a4-8fd0-44b1-8af8-33f2f1891e5e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ec5bb0b5-761c-40bc-be26-8f890ab94331", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7f5ca5a4-8fd0-44b1-8af8-33f2f1891e5e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-02T00:20:45.568493Z", + "modified": "2025-01-02T00:20:45.568493Z", + "name": "CVE-2024-11846", + "description": "The does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11846" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9449d398-42ae-4e60-84f3-e55585ed7a51.json b/objects/vulnerability/vulnerability--9449d398-42ae-4e60-84f3-e55585ed7a51.json new file mode 100644 index 0000000000..4c53ea0acf --- /dev/null +++ b/objects/vulnerability/vulnerability--9449d398-42ae-4e60-84f3-e55585ed7a51.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--12d2b0bb-9918-472a-9da1-0b93290356ed", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9449d398-42ae-4e60-84f3-e55585ed7a51", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-02T00:20:57.124734Z", + "modified": "2025-01-02T00:20:57.124734Z", + "name": "CVE-2025-0168", + "description": "A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. This affects an unknown part of the file /_parse/_feedback_system.php. The manipulation of the argument person leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0168" + } + ] + } + ] +} \ No newline at end of file