CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47366
https://notcve.org/view.php?id=CVE-2023-47366
The leakage of channel access token in craft_members Line 13.6.1 allows remote attackers to send malicious notifications to victims. La fuga del token de acceso al canal en craft_members Line 13.6.1 permite a atacantes remotos enviar notificaciones maliciosas a las víctimas. • https://github.com/syz913/CVE-reports/blob/main/craft_members.md • CWE-326: Inadequate Encryption Strength •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47369
https://notcve.org/view.php?id=CVE-2023-47369
The leakage of channel access token in best_training_member Line 13.6.1 allows remote attackers to send malicious notifications. La fuga del token de acceso al canal en best_training_member Line 13.6.1 permite a atacantes remotos enviar notificaciones maliciosas. • https://github.com/syz913/CVE-reports/blob/main/best_training_member.md • CWE-326: Inadequate Encryption Strength •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47370
https://notcve.org/view.php?id=CVE-2023-47370
The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send malicious notifications to victims. La fuga del token de acceso al canal en bluetrick Line 13.6.1 permite a atacantes remotos enviar notificaciones maliciosas a las víctimas. • https://github.com/syz913/CVE-reports/blob/main/bluetrick.md • CWE-326: Inadequate Encryption Strength •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47368
https://notcve.org/view.php?id=CVE-2023-47368
The leakage of channel access token in taketorinoyu Line 13.6.1 allows remote attackers to send malicious notifications to victims. La fuga del token de acceso al canal en taketorinoyu Line 13.6.1 permite a atacantes remotos enviar notificaciones maliciosas a las víctimas. • https://github.com/syz913/CVE-reports/blob/main/taketorinoyu.md • CWE-326: Inadequate Encryption Strength •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38845
https://notcve.org/view.php?id=CVE-2023-38845
An issue in Anglaise Company Anglaise.Company v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. Un problema en Anglaise Company Anglaise.Company v.13.6.1 permite a un atacante remoto obtener información confidencial a través de una solicitud GET manipulada. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-38845.md https://liff.line.me/1657030660-8nDEQNbe • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •