<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Wed, 01 Jul 2026 04:06:55 +0000</lastBuildDate>
    <item>
      <title>a54bb56f-7d11-47c4-a2aa-2fa75f3776fd</title>
      <link>https://vulnerability.circl.lu/sighting/a54bb56f-7d11-47c4-a2aa-2fa75f3776fd/export</link>
      <description>{"uuid": "a54bb56f-7d11-47c4-a2aa-2fa75f3776fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "GHSA-9V62-R8M2-76M8", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/123", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-9v62-r8m2-76m8\n\ud83d\udd17 Aliases: CVE-2024-13136\n\ud83d\udd39 Details: A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udd22 Severity: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L, CVSS_V4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\n\ud83d\uddd3\ufe0f Modified: 2025-01-05T09:30:42Z\n\ud83d\uddd3\ufe0f Published: 2025-01-05T09:30:42Z\n\ud83c\udff7\ufe0f CWE IDs: CWE-20\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13136\n2. https://github.com/wangl1989/mysiteforme/issues/52\n3. https://github.com/wangl1989/mysiteforme/issues/52#issue-25682365\n4. https://vuldb.com/?ctiid.290210\n5. https://vuldb.com/?id.290210\n6. https://vuldb.com/?submit.468391", "creation_timestamp": "2025-01-05T09:36:28.000000Z"}</description>
      <content:encoded>{"uuid": "a54bb56f-7d11-47c4-a2aa-2fa75f3776fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "GHSA-9V62-R8M2-76M8", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/123", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-9v62-r8m2-76m8\n\ud83d\udd17 Aliases: CVE-2024-13136\n\ud83d\udd39 Details: A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udd22 Severity: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L, CVSS_V4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\n\ud83d\uddd3\ufe0f Modified: 2025-01-05T09:30:42Z\n\ud83d\uddd3\ufe0f Published: 2025-01-05T09:30:42Z\n\ud83c\udff7\ufe0f CWE IDs: CWE-20\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13136\n2. https://github.com/wangl1989/mysiteforme/issues/52\n3. https://github.com/wangl1989/mysiteforme/issues/52#issue-25682365\n4. https://vuldb.com/?ctiid.290210\n5. https://vuldb.com/?id.290210\n6. https://vuldb.com/?submit.468391", "creation_timestamp": "2025-01-05T09:36:28.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a54bb56f-7d11-47c4-a2aa-2fa75f3776fd/export</guid>
      <pubDate>Sun, 05 Jan 2025 09:36:28 +0000</pubDate>
    </item>
  </channel>
</rss>
