更新: 2423 个文件 - 2026-03-18 14:23:01

08-threat-intel/registry/advisories/magento-open-source--a6c3143101.json

@@ -0,0 +1,59 @@
+{
+  "canonical_id": "magento-open-source--a6c3143101",
+  "system_id": "magento-open-source",
+  "display_name": "Magento Open Source",
+  "category": "ecommerce",
+  "advisory_mode": "extension",
+  "title": "Extortion of Magento merchants   2022-11-07  Sansec has received reports of criminals trying to extort Magento merchants with the message below. As long as the sender does not produce evidence, they almost certainly did not steal your sensitive data. Ignoring them is best.   skimming",
+  "summary": "",
+  "published_at": null,
+  "updated_at": null,
+  "severity": "unknown",
+  "cvss_score": null,
+  "exploit_status": "unknown",
+  "source_confidence": "ecosystem-authority",
+  "official_source_url": "https://sansec.io/research/extortion-magento-bitcoin",
+  "secondary_source_urls": [],
+  "aliases": [],
+  "cve_ids": [],
+  "ghsa_ids": [],
+  "osv_ids": [],
+  "affected_versions": [],
+  "fixed_versions": [],
+  "package_name": null,
+  "render_markdown": false,
+  "case_path": null,
+  "secure_code_topics": [
+    "authz-server-side-recheck",
+    "file-upload-validation",
+    "plugin-extension-trust-policy"
+  ],
+  "status": "triage",
+  "triage_reasons": [
+    "missing affected/fixed version details"
+  ],
+  "verification_status": "triage-manual",
+  "verification_mode": "synthetic",
+  "last_verified_at": null,
+  "last_run_id": null,
+  "evidence_bundle": null,
+  "historical_status": null,
+  "latest_status": null,
+  "browser_evidence": {
+    "required": false,
+    "present": false,
+    "refs": []
+  },
+  "repro_profile_id": "plugin-extension-generic",
+  "artifact_mode": "synthetic",
+  "blocked_reason": null,
+  "metadata": {
+    "source_names": [
+      "Sansec Research"
+    ],
+    "source_kinds": [
+      "html-links"
+    ],
+    "candidate_count": 1
+  }
+}