generated content from 2025-01-09

mapping.csv

@@ -262837,3 +262837,31 @@ vulnerability,CVE-2024-54887,vulnerability--db6f47e0-ea76-43e1-8b86-85e5d5cd8c0e
 vulnerability,CVE-2024-54762,vulnerability--3c7377b8-b6f3-4d9e-ab5d-dc79b02eb8a3
 vulnerability,CVE-2024-10215,vulnerability--d0fc6524-8e19-4628-b87c-52392194fa67
 vulnerability,CVE-2024-46505,vulnerability--6170e2aa-ae29-4b21-b4cb-be59b082e954
+vulnerability,CVE-2024-48806,vulnerability--9d8c5f2a-732a-483c-b55d-ca0e6edd74a9
+vulnerability,CVE-2024-13302,vulnerability--edf36a48-4d0c-48e6-b021-6db2470dc720
+vulnerability,CVE-2024-13301,vulnerability--640be19e-328a-47b2-87de-c4f82a8fb4da
+vulnerability,CVE-2024-13287,vulnerability--961a2acb-f1db-4bf1-91ae-2f9d735bdb94
+vulnerability,CVE-2024-13299,vulnerability--efbb088c-d8ec-4460-8b5e-736c8f02c12d
+vulnerability,CVE-2024-13289,vulnerability--d9039382-78a3-48c9-9b08-8d2c88942618
+vulnerability,CVE-2024-13285,vulnerability--7a7e4e67-1c38-4dd3-905a-30710171c85d
+vulnerability,CVE-2024-13291,vulnerability--95070168-3b88-4639-9054-b8c9b05e4907
+vulnerability,CVE-2024-13286,vulnerability--d9aa9d07-873c-46a1-b046-3d1ecc4e207a
+vulnerability,CVE-2024-13300,vulnerability--b1c1f701-37ee-43f4-94fa-1517c46fafd6
+vulnerability,CVE-2024-13288,vulnerability--514c597e-88f1-4b1c-beda-ba86ffe6877c
+vulnerability,CVE-2024-13292,vulnerability--591abfca-2668-47d3-9761-83104e21f425
+vulnerability,CVE-2024-13298,vulnerability--5296cbd0-e62c-4e7f-9f84-4f168b927849
+vulnerability,CVE-2024-13312,vulnerability--7cdf6b38-00a0-41f9-a8ee-85aa52d24af7
+vulnerability,CVE-2024-13310,vulnerability--d14cdb04-609d-464c-98d2-a5fdfdabe7ea
+vulnerability,CVE-2024-13311,vulnerability--ee275885-47b9-4418-a599-64ab9e85b1a2
+vulnerability,CVE-2024-13303,vulnerability--642e1ef0-224d-4964-80b9-95cfa59e3e5e
+vulnerability,CVE-2024-13309,vulnerability--84e8cd50-70cf-4d86-bfe4-66cc7572b6fe
+vulnerability,CVE-2024-13304,vulnerability--0c081694-7dd4-49cc-b49d-c24554961fdb
+vulnerability,CVE-2024-13294,vulnerability--6547f1da-4ec2-4856-b29f-56946a35dfd3
+vulnerability,CVE-2024-13297,vulnerability--513331df-e61c-49df-bbf1-b1350fb02f13
+vulnerability,CVE-2024-13305,vulnerability--7a2ed63c-6de0-42b7-87c7-ad936996012c
+vulnerability,CVE-2024-13293,vulnerability--746fc268-90e8-4875-ad09-d7450c298b46
+vulnerability,CVE-2024-13296,vulnerability--75e8f749-5f15-4a69-b303-82bddf10b4fa
+vulnerability,CVE-2024-13290,vulnerability--e2db6a63-47d8-4305-afce-9bc88305b6d1
+vulnerability,CVE-2024-13295,vulnerability--dd948502-94a1-428a-aec5-b1b08f07a040
+vulnerability,CVE-2024-13308,vulnerability--b3aa267f-c5fc-4e41-8a30-ac90998f56c1
+vulnerability,CVE-2024-42898,vulnerability--2877ef80-089a-4cae-bb05-60dc34f7b197

objects/vulnerability/vulnerability--0c081694-7dd4-49cc-b49d-c24554961fdb.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--36d9c5f9-ec51-4e2b-a106-08d5be88983e",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0c081694-7dd4-49cc-b49d-c24554961fdb",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-09T21:18:39.569667Z",
+            "modified": "2025-01-09T21:18:39.569667Z",
+            "name": "CVE-2024-13304",
+            "description": "Cross-Site Request Forgery (CSRF) vulnerability in Drupal Minify JS allows Cross Site Request Forgery.This issue affects Minify JS: from 0.0.0 before 3.0.3.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13304"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--2877ef80-089a-4cae-bb05-60dc34f7b197.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--dd976bc5-ab8b-4292-8c0a-2ab6c2f74b89",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--2877ef80-089a-4cae-bb05-60dc34f7b197",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-09T21:18:39.825144Z",
+            "modified": "2025-01-09T21:18:39.825144Z",
+            "name": "CVE-2024-42898",
+            "description": "A cross-site scripting (XSS) vulnerability in Nagios XI 2024R1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter in the Account Settings page.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-42898"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--513331df-e61c-49df-bbf1-b1350fb02f13.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--33ef7be2-1dff-4050-9c17-03ff6838d9b0",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--513331df-e61c-49df-bbf1-b1350fb02f13",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-09T21:18:39.572128Z",
+            "modified": "2025-01-09T21:18:39.572128Z",
+            "name": "CVE-2024-13297",
+            "description": "Deserialization of Untrusted Data vulnerability in Drupal Eloqua allows Object Injection.This issue affects Eloqua: from 7.X-* before 7.X-1.15.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13297"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--514c597e-88f1-4b1c-beda-ba86ffe6877c.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--6d628df8-6ef6-4b9d-9316-e1eb476fe0c6",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--514c597e-88f1-4b1c-beda-ba86ffe6877c",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-09T21:18:39.557632Z",
+            "modified": "2025-01-09T21:18:39.557632Z",
+            "name": "CVE-2024-13288",
+            "description": "Deserialization of Untrusted Data vulnerability in Drupal Monster Menus allows Object Injection.This issue affects Monster Menus: from 0.0.0 before 9.3.4, from 9.4.0 before 9.4.2.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13288"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--5296cbd0-e62c-4e7f-9f84-4f168b927849.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--d8d050e7-c407-4eb7-a2c5-ce006b1664c6",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--5296cbd0-e62c-4e7f-9f84-4f168b927849",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-09T21:18:39.561093Z",
+            "modified": "2025-01-09T21:18:39.561093Z",
+            "name": "CVE-2024-13298",
+            "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Tarte au Citron allows Cross-Site Scripting (XSS).This issue affects Tarte au Citron: from 2.0.0 before 2.0.5.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13298"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--591abfca-2668-47d3-9761-83104e21f425.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--b36edf49-2ebc-47a8-b410-eac000fe40b0",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--591abfca-2668-47d3-9761-83104e21f425",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-09T21:18:39.559723Z",
+            "modified": "2025-01-09T21:18:39.559723Z",
+            "name": "CVE-2024-13292",
+            "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Tooltip allows Cross-Site Scripting (XSS).This issue affects Tooltip: from 0.0.0 before 1.1.2.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13292"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--640be19e-328a-47b2-87de-c4f82a8fb4da.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--75365370-164a-4d77-96b2-f604086cfcca",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--640be19e-328a-47b2-87de-c4f82a8fb4da",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-09T21:18:39.543473Z",
+            "modified": "2025-01-09T21:18:39.543473Z",
+            "name": "CVE-2024-13301",
+            "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal OAuth & OpenID Connect Single Sign On – SSO (OAuth/OIDC Client) allows Cross-Site Scripting (XSS).This issue affects OAuth & OpenID Connect Single Sign On – SSO (OAuth/OIDC Client): from 3.0.0 before 3.44.0, from 4.0.0 before 4.0.19.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13301"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--642e1ef0-224d-4964-80b9-95cfa59e3e5e.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--2a810ae6-6639-4f43-8c05-c7b13b9f4f20",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--642e1ef0-224d-4964-80b9-95cfa59e3e5e",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-09T21:18:39.567613Z",
+            "modified": "2025-01-09T21:18:39.567613Z",
+            "name": "CVE-2024-13303",
+            "description": "Missing Authorization vulnerability in Drupal Download All Files allows Forceful Browsing.This issue affects Download All Files: from 0.0.0 before 2.0.2.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13303"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--6547f1da-4ec2-4856-b29f-56946a35dfd3.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--80707a29-79f3-45ec-b61a-0eee1ca8bfee",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--6547f1da-4ec2-4856-b29f-56946a35dfd3",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-09T21:18:39.57125Z",
+            "modified": "2025-01-09T21:18:39.57125Z",
+            "name": "CVE-2024-13294",
+            "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal POST File allows Cross-Site Scripting (XSS).This issue affects POST File: from 0.0.0 before 1.0.2.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13294"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--746fc268-90e8-4875-ad09-d7450c298b46.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--6ce6d72c-7b6e-4f36-9898-7fef7acdff0b",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--746fc268-90e8-4875-ad09-d7450c298b46",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-09T21:18:39.574932Z",
+            "modified": "2025-01-09T21:18:39.574932Z",
+            "name": "CVE-2024-13293",
+            "description": "Cross-Site Request Forgery (CSRF) vulnerability in Drupal POST File allows Cross Site Request Forgery.This issue affects POST File: from 0.0.0 before 1.0.2.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13293"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--75e8f749-5f15-4a69-b303-82bddf10b4fa.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--0e20ada4-c09c-462a-893c-c4c22172f959",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--75e8f749-5f15-4a69-b303-82bddf10b4fa",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-09T21:18:39.576027Z",
+            "modified": "2025-01-09T21:18:39.576027Z",
+            "name": "CVE-2024-13296",
+            "description": "Deserialization of Untrusted Data vulnerability in Drupal Mailjet allows Object Injection.This issue affects Mailjet: from 0.0.0 before 4.0.1.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13296"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--7a2ed63c-6de0-42b7-87c7-ad936996012c.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--25fda93f-59dd-4be8-8f2c-aa87dd609e96",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--7a2ed63c-6de0-42b7-87c7-ad936996012c",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-09T21:18:39.573697Z",
+            "modified": "2025-01-09T21:18:39.573697Z",
+            "name": "CVE-2024-13305",
+            "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Entity Form Steps allows Cross-Site Scripting (XSS).This issue affects Entity Form Steps: from 0.0.0 before 1.1.4.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13305"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--7a7e4e67-1c38-4dd3-905a-30710171c85d.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--abf7552d-1d50-450c-9a85-5585268b26f8",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--7a7e4e67-1c38-4dd3-905a-30710171c85d",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-09T21:18:39.551662Z",
+            "modified": "2025-01-09T21:18:39.551662Z",
+            "name": "CVE-2024-13285",
+            "description": "Vulnerability in Drupal wkhtmltopdf.This issue affects wkhtmltopdf: *.*.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13285"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--7cdf6b38-00a0-41f9-a8ee-85aa52d24af7.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--7e67d0fd-a998-474b-874e-96ccdf6139ae",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--7cdf6b38-00a0-41f9-a8ee-85aa52d24af7",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-09T21:18:39.56303Z",
+            "modified": "2025-01-09T21:18:39.56303Z",
+            "name": "CVE-2024-13312",
+            "description": "Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 11.8.0 before 12.3.10, from 12.4.0 before 12.4.9.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13312"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--84e8cd50-70cf-4d86-bfe4-66cc7572b6fe.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--c8cc6105-62d9-4f82-8ebc-7e9a5be7e33e",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--84e8cd50-70cf-4d86-bfe4-66cc7572b6fe",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-09T21:18:39.568683Z",
+            "modified": "2025-01-09T21:18:39.568683Z",
+            "name": "CVE-2024-13309",
+            "description": "Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Disable: from 2.0.0 before 2.1.1.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13309"
+                }
+            ]
+        }
+    ]
+}