https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 04 May 2026 09:44:58 +0000 https://vulnerability.circl.lu/sighting/87927d59-f1bf-4127-926e-09df01bf6378/export {"uuid": "87927d59-f1bf-4127-926e-09df01bf6378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24864", "type": "seen", "source": "https://t.me/cibsecurity/41193", "content": "\u203c CVE-2022-24864 \u203c\n\nOrigin Protocol is a blockchain based project. The Origin Protocol project website allows for malicious users to inject malicious Javascript via a POST request to `/presale/join`. User-controlled data is passed with no sanitization to SendGrid and injected into an email that is delivered to the founders@originprotocol.com. If the email recipient is using an email program that is susceptible to XSS, then that email recipient will receive an email that may contain malicious XSS. Regardless if the email recipient\u00e2\u20ac\u2122s mail program has vulnerabilities or not, the hacker can at the very least inject malicious HTML that modifies the body content of the email. There are currently no known workarounds.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-20T22:25:52.000000Z"} {"uuid": "87927d59-f1bf-4127-926e-09df01bf6378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24864", "type": "seen", "source": "https://t.me/cibsecurity/41193", "content": "\u203c CVE-2022-24864 \u203c\n\nOrigin Protocol is a blockchain based project. The Origin Protocol project website allows for malicious users to inject malicious Javascript via a POST request to `/presale/join`. User-controlled data is passed with no sanitization to SendGrid and injected into an email that is delivered to the founders@originprotocol.com. If the email recipient is using an email program that is susceptible to XSS, then that email recipient will receive an email that may contain malicious XSS. Regardless if the email recipient\u00e2\u20ac\u2122s mail program has vulnerabilities or not, the hacker can at the very least inject malicious HTML that modifies the body content of the email. There are currently no known workarounds.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-20T22:25:52.000000Z"} https://vulnerability.circl.lu/sighting/87927d59-f1bf-4127-926e-09df01bf6378/export Wed, 20 Apr 2022 22:25:52 +0000