<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-16T08:06:20.264699+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c510b0a8-7458-405b-89b8-d60c59d2bd81/export</id>
    <title>c510b0a8-7458-405b-89b8-d60c59d2bd81</title>
    <updated>2026-07-16T08:06:20.282359+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c510b0a8-7458-405b-89b8-d60c59d2bd81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2720", "type": "seen", "source": "https://t.me/cibsecurity/51256", "content": "\u203c CVE-2022-2720 \u203c\n\nIn affected versions of Octopus Server it was identified that when a sensitive value is a substring of another value, sensitive value masking will only partially work.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-12T12:40:50.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c510b0a8-7458-405b-89b8-d60c59d2bd81/export"/>
    <published>2022-10-12T12:40:50+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8cb4774c-06ca-45eb-a56f-cc209a331880/export</id>
    <title>8cb4774c-06ca-45eb-a56f-cc209a331880</title>
    <updated>2026-07-16T08:06:20.285331+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8cb4774c-06ca-45eb-a56f-cc209a331880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27200", "type": "seen", "source": "https://t.me/cibsecurity/38953", "content": "\u203c CVE-2022-27200 \u203c\n\nJenkins Folder-based Authorization Strategy Plugin 1.3 and earlier does not escape the names of roles shown on the configuration form, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:48.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8cb4774c-06ca-45eb-a56f-cc209a331880/export"/>
    <published>2022-03-15T19:19:48+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/74ef399e-de1a-4493-a33e-75a59c5ad52a/export</id>
    <title>74ef399e-de1a-4493-a33e-75a59c5ad52a</title>
    <updated>2026-07-16T08:06:20.285484+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "74ef399e-de1a-4493-a33e-75a59c5ad52a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27204", "type": "seen", "source": "https://t.me/cibsecurity/38946", "content": "\u203c CVE-2022-27204 \u203c\n\nA cross-site request forgery vulnerability in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers to connect to an attacker-specified URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:40.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/74ef399e-de1a-4493-a33e-75a59c5ad52a/export"/>
    <published>2022-03-15T19:19:40+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/43720ef4-395a-4f6b-ae6e-b4526835df8c/export</id>
    <title>43720ef4-395a-4f6b-ae6e-b4526835df8c</title>
    <updated>2026-07-16T08:06:20.285609+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "43720ef4-395a-4f6b-ae6e-b4526835df8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27208", "type": "seen", "source": "https://t.me/cibsecurity/38945", "content": "\u203c CVE-2022-27208 \u203c\n\nJenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows users with Credentials/Create permission to read arbitrary files on the Jenkins controller.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:39.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/43720ef4-395a-4f6b-ae6e-b4526835df8c/export"/>
    <published>2022-03-15T19:19:39+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/71a0abd6-5aa2-4c29-972c-9a4b3a988a17/export</id>
    <title>71a0abd6-5aa2-4c29-972c-9a4b3a988a17</title>
    <updated>2026-07-16T08:06:20.285716+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "71a0abd6-5aa2-4c29-972c-9a4b3a988a17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27205", "type": "seen", "source": "https://t.me/cibsecurity/38943", "content": "\u203c CVE-2022-27205 \u203c\n\nA missing permission check in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:34.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/71a0abd6-5aa2-4c29-972c-9a4b3a988a17/export"/>
    <published>2022-03-15T19:19:34+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ec24e333-5c64-40e7-a6fb-205f15beda56/export</id>
    <title>ec24e333-5c64-40e7-a6fb-205f15beda56</title>
    <updated>2026-07-16T08:06:20.285823+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ec24e333-5c64-40e7-a6fb-205f15beda56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27207", "type": "seen", "source": "https://t.me/cibsecurity/38939", "content": "\u203c CVE-2022-27207 \u203c\n\nJenkins global-build-stats Plugin 1.5 and earlier does not escape multiple fields in the chart configuration on the 'Global Build Stats' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:30.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ec24e333-5c64-40e7-a6fb-205f15beda56/export"/>
    <published>2022-03-15T19:19:30+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/271ade47-c382-4c47-b541-b3f640527fa1/export</id>
    <title>271ade47-c382-4c47-b541-b3f640527fa1</title>
    <updated>2026-07-16T08:06:20.285928+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "271ade47-c382-4c47-b541-b3f640527fa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27202", "type": "seen", "source": "https://t.me/cibsecurity/38938", "content": "\u203c CVE-2022-27202 \u203c\n\nJenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier does not escape the value and description of extended choice parameters of radio buttons or check boxes type, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:29.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/271ade47-c382-4c47-b541-b3f640527fa1/export"/>
    <published>2022-03-15T19:19:29+00:00</published>
  </entry>
</feed>
