Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 11 May 2026 23:31:34 +0000 8306e09a-1be1-46f1-8077-ca43db988a7d https://vulnerability.circl.lu/sighting/8306e09a-1be1-46f1-8077-ca43db988a7d/export {"uuid": "8306e09a-1be1-46f1-8077-ca43db988a7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40633", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16964", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40633\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N)\n\ud83d\udd39 Description: A Stored Cross-Site Scripting (XSS) vulnerability has been found in \nKoibox for versions prior to e8cbce2. This vulnerability allows an \nauthenticated attacker to upload an image containing malicious \nJavaScript code as profile picture in the \n'/es/dashboard/clientes/ficha/' endpoint\n\ud83d\udccf Published: 2025-05-20T10:17:00.222Z\n\ud83d\udccf Modified: 2025-05-20T10:17:00.222Z\n\ud83d\udd17 References:\n1. https://www.incibe.es/en/incibe-cert/notices/aviso/stored-cross-site-scripting-xss-koibox", "creation_timestamp": "2025-05-20T10:40:15.000000Z"} {"uuid": "8306e09a-1be1-46f1-8077-ca43db988a7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40633", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16964", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40633\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N)\n\ud83d\udd39 Description: A Stored Cross-Site Scripting (XSS) vulnerability has been found in \nKoibox for versions prior to e8cbce2. This vulnerability allows an \nauthenticated attacker to upload an image containing malicious \nJavaScript code as profile picture in the \n'/es/dashboard/clientes/ficha/' endpoint\n\ud83d\udccf Published: 2025-05-20T10:17:00.222Z\n\ud83d\udccf Modified: 2025-05-20T10:17:00.222Z\n\ud83d\udd17 References:\n1. https://www.incibe.es/en/incibe-cert/notices/aviso/stored-cross-site-scripting-xss-koibox", "creation_timestamp": "2025-05-20T10:40:15.000000Z"} https://vulnerability.circl.lu/sighting/8306e09a-1be1-46f1-8077-ca43db988a7d/export Tue, 20 May 2025 10:40:15 +0000