Updated by Github Bot

cache/NVD.dat

@@ -170,3 +170,13 @@ a718b918773c2c332b2bdb27c369f57e
 855d43577424bff3fe542f025048943c
 e2be6c295a6035bf82cd65964c48b71e
 fd71f119abe2ba4feb147841514c1055
+38a049fd859b7867f61aacfe52398fa1
+eb7a4b89c1dbe4f1aeada05de4994d55
+d2d32697a7f8b17e7de2a5a5ea6c4578
+b0b7aa787f2323389a70d2f57701cfae
+7baa2a11280919ffd83ac8a88723850e
+8b2edf6e7f1ea7b38f921ced6d0d5033
+f1239e99386e8cd1c4b462683e44b80f
+aa17bceff13ee6a3968aef10e3331045
+21795e064b6e0ca98a9222bd30f5f4fb
+84f0dd719e59462a21232f7b6f010dfa

docs/index.html

@@ -1,4 +1,4 @@
-<!-- RELEASE TIME : 2023-10-20 16:30:37 -->
+<!-- RELEASE TIME : 2023-10-20 18:27:13 -->
 <html lang="zh-cn">
 
  <head>
@@ -2243,6 +2243,22 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45901">详情</a></td>
       </tr>
 
+      <tr>
+       <td>eb7a4b89c1dbe4f1aeada05de4994d55</td>
+       <td>CVE-2023-43814</td>
+       <td>2023-10-16 22:15:12 </td>
+       <td>Discourse is an open source platform for community discussion. Attackers with details specific to a poll in a topic can use the `/polls/grouped_poll_results` endpoint to view the content of options in the poll and the number of votes for groups of poll participants. This impacts private polls where the results were intended to only be viewable by authorized users. This issue is patched in the 3.1.1 stable and 3.2.0.beta2 versions of Discourse. There is no workaround for this issue apart from upgrading to the fixed version.</td>
+       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-43814">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>38a049fd859b7867f61aacfe52398fa1</td>
+       <td>CVE-2023-4388</td>
+       <td>2023-10-16 20:15:15 </td>
+       <td>The EventON WordPress plugin before 2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)</td>
+       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4388">详情</a></td>
+      </tr>
+
       <tr>
        <td>77cc40609a8700f7b75c34513fc791a6</td>
        <td>CVE-2023-44229</td>
@@ -2451,22 +2467,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45348">详情</a></td>
       </tr>
 
-      <tr>
-       <td>bc20c6ef5c24423fad414aa20ce33a90</td>
-       <td>CVE-2023-45856</td>
-       <td>2023-10-14 05:15:55 </td>
-       <td>qdPM 9.2 allows remote code execution by using the Add Attachments feature of Edit Project to upload a .php file to the /uploads URI.</td>
-       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45856">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>9b047401deb4be840a6e267b827a85d2</td>
-       <td>CVE-2023-45855</td>
-       <td>2023-10-14 05:15:55 </td>
-       <td>qdPM 9.2 allows Directory Traversal to list files and directories by navigating to the /uploads URI.</td>
-       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45855">详情</a></td>
-      </tr>
-
      </tbody>
     </table>
    </div>