https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 04 May 2026 13:41:27 +0000 https://vulnerability.circl.lu/sighting/d8dbba88-36b4-4d7b-a517-395a1650f7b8/export {"uuid": "d8dbba88-36b4-4d7b-a517-395a1650f7b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-5398", "type": "seen", "source": "https://t.me/VulnerabilityNews/380", "content": "JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly sanitized before showing to other users, including admins.\nPublished at: August 01, 2018 at 04:29PM\nView on website", "creation_timestamp": "2018-08-01T19:18:39.000000Z"} {"uuid": "d8dbba88-36b4-4d7b-a517-395a1650f7b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-5398", "type": "seen", "source": "https://t.me/VulnerabilityNews/380", "content": "JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly sanitized before showing to other users, including admins.\nPublished at: August 01, 2018 at 04:29PM\nView on website", "creation_timestamp": "2018-08-01T19:18:39.000000Z"} https://vulnerability.circl.lu/sighting/d8dbba88-36b4-4d7b-a517-395a1650f7b8/export Wed, 01 Aug 2018 19:18:39 +0000