Update Wed Feb 14 18:13:01 UTC 2024

trickest · Feb 14, 2024 · 5a9c9b2 · 5a9c9b2
1 parent 0e273e9
commit 5a9c9b2
Show file tree

Hide file tree

Showing 60 changed files with 613 additions and 7 deletions.
diff --git a/2009/CVE-2009-4186.md b/2009/CVE-2009-4186.md
@@ -15,5 +15,6 @@ No PoCs from references.
 #### Github
 - https://github.com/TREYCSE/Web_Scraper_csv
 - https://github.com/alfredodeza/scraping-demo
+- https://github.com/jazzban/scarping-demo-coursera
 - https://github.com/jonlin18/testing-out-scraper
 
diff --git a/2010/CVE-2010-4478.md b/2010/CVE-2010-4478.md
@@ -28,6 +28,7 @@ OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the
 - https://github.com/VictorSum/13.1
 - https://github.com/Zhivarev/13-01-hw
 - https://github.com/kaio6fellipe/ssh-enum
+- https://github.com/ovchdmitriy01/13-1
 - https://github.com/scmanjarrez/CVEScannerV2
 - https://github.com/syadg123/pigat
 - https://github.com/teamssix/pigat

diff --git a/2019/CVE-2019-7317.md b/2019/CVE-2019-7317.md
@@ -11,6 +11,7 @@ png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free becau
 
 #### Reference
 - http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html
+- https://usn.ubuntu.com/3991-1/
 - https://www.oracle.com/security-alerts/cpuApr2021.html
 - https://www.oracle.com/security-alerts/cpuoct2021.html
 

diff --git a/2020/CVE-2020-14439.md b/2020/CVE-2020-14439.md
@@ -0,0 +1,17 @@
+### [CVE-2020-14439](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14439)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
+
+### POC
+
+#### Reference
+- https://kb.netgear.com/000061942/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0064
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2020/CVE-2020-24860.md b/2020/CVE-2020-24860.md
@@ -12,6 +12,7 @@ CMS Made Simple 2.2.14 allows an authenticated user with access to the Content M
 #### Reference
 - http://packetstormsecurity.com/files/159434/CMS-Made-Simple-2.2.14-Cross-Site-Scripting.html
 - https://www.exploit-db.com/exploits/48851
+- https://www.youtube.com/watch?v=M6D7DmmjLak&t=22s
 
 #### Github
 No PoCs found on GitHub currently.

diff --git a/2020/CVE-2020-28168.md b/2020/CVE-2020-28168.md
@@ -17,4 +17,5 @@ No PoCs from references.
 - https://github.com/FB-Sec/exploits
 - https://github.com/Live-Hack-CVE/CVE-2020-28168
 - https://github.com/renovate-tests/renovate-8297
+- https://github.com/zvigrinberg/exhort-service-readiness-experiment
 
diff --git a/2020/CVE-2020-7069.md b/2020/CVE-2020-7069.md
@@ -10,6 +10,7 @@ In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, w
 ### POC
 
 #### Reference
+- https://usn.ubuntu.com/4583-1/
 - https://www.oracle.com/security-alerts/cpuApr2021.html
 - https://www.oracle.com/security-alerts/cpuoct2021.html
 

diff --git a/2020/CVE-2020-7070.md b/2020/CVE-2020-7070.md
@@ -10,6 +10,7 @@ In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, w
 ### POC
 
 #### Reference
+- https://usn.ubuntu.com/4583-1/
 - https://www.oracle.com/security-alerts/cpuoct2021.html
 
 #### Github

diff --git a/2021/CVE-2021-3749.md b/2021/CVE-2021-3749.md
@@ -28,4 +28,5 @@ axios is vulnerable to Inefficient Regular Expression Complexity
 - https://github.com/rgstephens/node-red-contrib-graphql
 - https://github.com/seal-community/patches
 - https://github.com/trhacknon/Pocingit
+- https://github.com/zvigrinberg/exhort-service-readiness-experiment
 
diff --git a/2021/CVE-2021-44228.md b/2021/CVE-2021-44228.md
@@ -466,6 +466,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/YoungBear/log4j2demo
 - https://github.com/Z0fhack/Goby_POC
 - https://github.com/ZacharyHampton/MCMetasploit
+- https://github.com/ZonghaoLi777/githubTrending
 - https://github.com/Zyglow/getcve
 - https://github.com/aajuvonen/log4j-hackrf-waveforms
 - https://github.com/aajuvonen/log4stdin
@@ -510,6 +511,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/andrewspearson/Log4Shell-Detection
 - https://github.com/andrii-kovalenko-celonis/log4j-vulnerability-demo
 - https://github.com/andypitcher/Log4J_checker
+- https://github.com/aneasystone/github-trending
 - https://github.com/angristan/awesome-stars
 - https://github.com/ankur-katiyar/log4j-docker
 - https://github.com/ankur-katiyar/log4j-vunerable-server
@@ -849,6 +851,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/jacobwarren/waratek-log4j-poc
 - https://github.com/jacobxr/log4shell-vulnerable-app
 - https://github.com/jaehnri/CVE-2021-44228
+- https://github.com/jafshare/GithubTrending
 - https://github.com/jahidul-arafat/log4j-vulnerability-simulation
 - https://github.com/jamesbrunke/AttendanceProject
 - https://github.com/jan-muhammad-zaidi/Log4j-CVE-2021-44228
@@ -1080,6 +1083,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/oscpname/OSCP_cheat
 - https://github.com/ossie-git/log4shell_sentinel
 - https://github.com/otaviokr/log4j-2021-vulnerability-study
+- https://github.com/otogawakatsutoshi/log4j2_exploit
 - https://github.com/ox-eye/Ox4Shell
 - https://github.com/p-ssanders/jvex
 - https://github.com/p3dr16k/log4j-1.2.15-mod
@@ -1198,6 +1202,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/saharNooby/log4j-vulnerability-patcher-agent
 - https://github.com/sailingbikeruk/log4j-file-search
 - https://github.com/samjcs/log4shell-possible-malware
+- https://github.com/sampsonv/github-trending
 - https://github.com/samq-ghdemo/christophetd-log4shell-vulnerable-app
 - https://github.com/samq-ghdemo/gradle-smartfix
 - https://github.com/samq-ghdemo/log4shell-vulnerable-app-noreach
@@ -1440,6 +1445,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/zhangxvx/Log4j-Rec-CVE-2021-44228
 - https://github.com/zhangyoufu/log4j2-without-jndi
 - https://github.com/zhangziyang301/Awesome-Redteam
+- https://github.com/zhaoxiaoha/github-trending
 - https://github.com/zhzyker/logmap
 - https://github.com/zimovane/java-eco-RCE-examples
 - https://github.com/zlatinb/mucats

diff --git a/2021/CVE-2021-46362.md b/2021/CVE-2021-46362.md
@@ -13,5 +13,5 @@ A Server-Side Template Injection (SSTI) vulnerability in the Registration and Fo
 - https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-46362-Unauthenticated%20SSTI-Magnolia%20CMS
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/mbadanoiu/CVE-2021-46362
 
diff --git a/2021/CVE-2021-46363.md b/2021/CVE-2021-46363.md
@@ -13,5 +13,5 @@ An issue in the Export function of Magnolia v6.2.3 and below allows attackers to
 - https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-46363-Formula%20Injection-Magnolia%20CMS
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/mbadanoiu/CVE-2021-46363
 
diff --git a/2021/CVE-2021-46365.md b/2021/CVE-2021-46365.md
@@ -13,5 +13,5 @@ An issue in the Export function of Magnolia v6.2.3 and below allows attackers to
 - https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-46365-Unsafe%20XML%20Parsing-Magnolia%20CMS
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/mbadanoiu/CVE-2021-46365
 
diff --git a/2021/CVE-2021-46366.md b/2021/CVE-2021-46366.md
@@ -13,5 +13,5 @@ An issue in the Login page of Magnolia CMS v6.2.3 and below allows attackers to
 - https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-46366-CSRF%2BOpen%20Redirect-Magnolia%20CMS
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/mbadanoiu/CVE-2021-46366
 
diff --git a/2022/CVE-2022-0155.md b/2022/CVE-2022-0155.md
@@ -24,4 +24,5 @@ No PoCs from references.
 - https://github.com/mrbungle64/ioBroker.switchbot-ble
 - https://github.com/mrbungle64/node-red-contrib-ecovacs-deebot
 - https://github.com/noneisland/bot
+- https://github.com/zvigrinberg/exhort-service-readiness-experiment
 
diff --git a/2022/CVE-2022-0536.md b/2022/CVE-2022-0536.md
@@ -15,4 +15,5 @@ No PoCs from references.
 #### Github
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/MaySoMusician/geidai-ikoi
+- https://github.com/zvigrinberg/exhort-service-readiness-experiment
 
diff --git a/2022/CVE-2022-23539.md b/2022/CVE-2022-23539.md
@@ -14,4 +14,5 @@ Versions `<=8.5.1` of `jsonwebtoken` library could be misconfigured so that lega
 
 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/zvigrinberg/exhort-service-readiness-experiment
 
diff --git a/2022/CVE-2022-23540.md b/2022/CVE-2022-23540.md
@@ -18,4 +18,5 @@ In versions `<=8.5.1` of `jsonwebtoken` library, lack of algorithm definition in
 - https://github.com/k0mi-tg/CVE-POC
 - https://github.com/manas3c/CVE-POC
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/zvigrinberg/exhort-service-readiness-experiment
 
diff --git a/2022/CVE-2022-23541.md b/2022/CVE-2022-23541.md
@@ -15,4 +15,5 @@ jsonwebtoken is an implementation of JSON Web Tokens. Versions `<= 8.5.1` of `js
 
 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/zvigrinberg/exhort-service-readiness-experiment
 
diff --git a/2022/CVE-2022-2795.md b/2022/CVE-2022-2795.md
@@ -22,5 +22,6 @@ No PoCs from references.
 - https://github.com/SergeyM90/Atack1
 - https://github.com/Zhivarev/13-01-hw
 - https://github.com/karimhabush/cyberowl
+- https://github.com/ovchdmitriy01/13-1
 - https://github.com/zzzWTF/db-13-01
 
diff --git a/2022/CVE-2022-4262.md b/2022/CVE-2022-4262.md
@@ -19,6 +19,7 @@ No PoCs from references.
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
 - https://github.com/Threekiii/CVE
 - https://github.com/Wi1L-Y/News
+- https://github.com/aneasystone/github-trending
 - https://github.com/bjrjk/CVE-2022-4262
 - https://github.com/nomi-sec/PoC-in-GitHub
 
diff --git a/2023/CVE-2023-26159.md b/2023/CVE-2023-26159.md
@@ -16,4 +16,5 @@ Versions of the package follow-redirects before 1.15.4 are vulnerable to Imprope
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/seal-community/patches
+- https://github.com/zvigrinberg/exhort-service-readiness-experiment
 
diff --git a/2023/CVE-2023-27233.md b/2023/CVE-2023-27233.md
@@ -0,0 +1,17 @@
+### [CVE-2023-27233](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27233)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Piwigo before 13.6.0 was discovered to contain a SQL injection vulnerability via the order[0][dir] parameter at user_list_backend.php.
+
+### POC
+
+#### Reference
+- https://gist.github.com/renanavs/dcb13bb1cd618ce7eb0c80290b837245
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2023/CVE-2023-27561.md b/2023/CVE-2023-27561.md
@@ -10,6 +10,7 @@ runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privile
 ### POC
 
 #### Reference
+- https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9
 - https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334
 - https://github.com/opencontainers/runc/issues/3751
 

diff --git a/2023/CVE-2023-31492.md b/2023/CVE-2023-31492.md
@@ -13,5 +13,5 @@ Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default pa
 - http://packetstormsecurity.com/files/177091/ManageEngine-ADManager-Plus-Recovery-Password-Disclosure.html
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2023/CVE-2023-36485.md b/2023/CVE-2023-36485.md
@@ -0,0 +1,17 @@
+### [CVE-2023-36485](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36485)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The workflow-engine of ILIAS before 7.23 and 8 before 8.3 allows remote authenticated users to run arbitrary system commands on the application server as the application user via a malicious BPMN2 workflow definition file.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2023/CVE-2023-36486.md b/2023/CVE-2023-36486.md
@@ -0,0 +1,17 @@
+### [CVE-2023-36486](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36486)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The workflow-engine of ILIAS before 7.23 and 8 before 8.3 allows remote authenticated users to run arbitrary system commands on the application server as the application user by uploading a workflow definition file with a malicious filename.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2023/CVE-2023-38960.md b/2023/CVE-2023-38960.md
@@ -13,5 +13,5 @@ Insecure Permissions issue in Raiden Professional Server RaidenFTPD v.2.4 build
 - https://rodelllemit.medium.com/insecure-permissions-vulnerability-in-raidenftpd-v2-4-build-4005-2016-04-01-ea7389be3d33
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2023/CVE-2023-45857.md b/2023/CVE-2023-45857.md
@@ -21,4 +21,5 @@ No PoCs from references.
 - https://github.com/seal-community/patches
 - https://github.com/stiifii/tbo_projekt
 - https://github.com/valentin-panov/CVE-2023-45857
+- https://github.com/zvigrinberg/exhort-service-readiness-experiment
 
diff --git a/2023/CVE-2023-5496.md b/2023/CVE-2023-5496.md
@@ -0,0 +1,17 @@
+### [CVE-2023-5496](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5496)
+![](https://img.shields.io/static/v1?label=Product&message=PoqDev%20Add-On&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0.11%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen)
+
+### Description
+
+A vulnerability was found in Translator PoqDev Add-On 1.0.11 on Firefox. It has been rated as problematic. This issue affects some unknown processing of the component Select Text Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-241649 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
+
+### POC
+
+#### Reference
+- https://vuldb.com/?id.241649
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2023/CVE-2023-5992.md b/2023/CVE-2023-5992.md
@@ -5,7 +5,7 @@
 ![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208&color=blue)
 ![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209&color=blue)
 ![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
-![](https://img.shields.io/static/v1?label=Vulnerability&message=Exposure%20of%20Sensitive%20Information%20to%20an%20Unauthorized%20Actor&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Observable%20Discrepancy&color=brighgreen)
 
 ### Description
 

diff --git a/2024/CVE-2024-0911.md b/2024/CVE-2024-0911.md
@@ -0,0 +1,21 @@
+### [CVE-2024-0911](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0911)
+![](https://img.shields.io/static/v1?label=Product&message=Extra%20Packages%20for%20Enterprise%20Linux&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Fedora&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%206&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%207&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=indent-2.2.13&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Heap-based%20Buffer%20Overflow&color=brighgreen)
+
+### Description
+
+A flaw was found in Indent. This issue may allow a local user to use a specially-crafted file to trigger a heap-based buffer overflow, which can lead to an application crash.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-1485.md b/2024/CVE-2024-1485.md
@@ -0,0 +1,19 @@
+### [CVE-2024-1485](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1485)
+![](https://img.shields.io/static/v1?label=Product&message=OpenShift%20Developer%20Tools%20and%20Services&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=registry-support&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Relative%20Path%20Traversal&color=brighgreen)
+
+### Description
+
+A vulnerability was found in the decompression function of registry-support. This issue can be triggered by an unauthenticated remote attacker when tricking a user into opening a specially modified .tar archive, leading to the cleanup process following relative paths to overwrite or delete files outside the intended scope.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-21374.md b/2024/CVE-2024-21374.md
@@ -0,0 +1,17 @@
+### [CVE-2024-21374](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21374)
+![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Teams%20for%20Android&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%201.0.0.2024022302%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen)
+
+### Description
+
+Microsoft Teams for Android Information Disclosure
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Ch0pin/related_work
+
diff --git a/2024/CVE-2024-21893.md b/2024/CVE-2024-21893.md
@@ -17,6 +17,7 @@ No PoCs from references.
 - https://github.com/Chocapikk/CVE-2024-21893-to-CVE-2024-21887
 - https://github.com/H4lo/awesome-IoT-security-article
 - https://github.com/Ostorlab/KEV
+- https://github.com/afonsovitorio/cve_sandbox
 - https://github.com/h4x0r-dz/CVE-2024-21893.py
 - https://github.com/inguardians/ivanti-VPN-issues-2024-research
 - https://github.com/nomi-sec/PoC-in-GitHub

diff --git a/2024/CVE-2024-23897.md b/2024/CVE-2024-23897.md
@@ -17,6 +17,7 @@ Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of
 - https://github.com/20142995/sectool
 - https://github.com/AbraXa5/AbraXa5
 - https://github.com/AbraXa5/Jenkins-CVE-2024-23897
+- https://github.com/B4CK4TT4CK/CVE-2024-23897
 - https://github.com/CKevens/CVE-2024-23897
 - https://github.com/Mr-xn/Penetration_Testing_POC
 - https://github.com/Ostorlab/KEV