<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 10 Jul 2026 18:45:14 +0000</lastBuildDate>
    <item>
      <title>dd8553b4-fd75-40ff-b199-94672186e049</title>
      <link>https://vulnerability.circl.lu/sighting/dd8553b4-fd75-40ff-b199-94672186e049/export</link>
      <description>{"uuid": "dd8553b4-fd75-40ff-b199-94672186e049", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40170", "type": "seen", "source": "https://t.me/cibsecurity/69321", "content": "\u203c CVE-2023-40170 \u203c\n\njupyter-server is the backend for Jupyter web applications. Improper cross-site credential checks on `/files/` URLs could allow exposure of certain file contents, or accessing files when opening untrusted files via \"Open image in new tab\". This issue has been addressed in commit `87a49272728` which has been included in release `2.7.2`. Users are advised to upgrade. Users unable to upgrade may use the lower performance `--ContentsManager.files_handler_class=jupyter_server.files.handlers.FilesHandler`, which implements the correct checks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-29T00:16:58.000000Z"}</description>
      <content:encoded>{"uuid": "dd8553b4-fd75-40ff-b199-94672186e049", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40170", "type": "seen", "source": "https://t.me/cibsecurity/69321", "content": "\u203c CVE-2023-40170 \u203c\n\njupyter-server is the backend for Jupyter web applications. Improper cross-site credential checks on `/files/` URLs could allow exposure of certain file contents, or accessing files when opening untrusted files via \"Open image in new tab\". This issue has been addressed in commit `87a49272728` which has been included in release `2.7.2`. Users are advised to upgrade. Users unable to upgrade may use the lower performance `--ContentsManager.files_handler_class=jupyter_server.files.handlers.FilesHandler`, which implements the correct checks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-29T00:16:58.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/dd8553b4-fd75-40ff-b199-94672186e049/export</guid>
      <pubDate>Tue, 29 Aug 2023 00:16:58 +0000</pubDate>
    </item>
    <item>
      <title>ba8f481c-1536-42cd-a9d2-28850997525b</title>
      <link>https://vulnerability.circl.lu/sighting/ba8f481c-1536-42cd-a9d2-28850997525b/export</link>
      <description>{"uuid": "ba8f481c-1536-42cd-a9d2-28850997525b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40176", "type": "seen", "source": "https://t.me/cibsecurity/69098", "content": "\u203c CVE-2023-40176 \u203c\n\nXWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any registered user can exploit a stored XSS through their user profile by setting the payload as the value of the time zone user preference. Even though the time zone is selected from a drop down (no free text value) it can still be set from JavaScript (using the browser developer tools) or by calling the save URL on the user profile with the right query string. Once the time zone is set it is displayed without escaping which means the payload gets executed for any user that visits the malicious user profile, allowing the attacker to steal information and even gain more access rights (escalation to programming rights). This issue is present since version 4.1M2 when the time zone user preference was introduced. The issue has been fixed in XWiki 14.10.5 and 15.1RC1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-24T00:14:23.000000Z"}</description>
      <content:encoded>{"uuid": "ba8f481c-1536-42cd-a9d2-28850997525b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40176", "type": "seen", "source": "https://t.me/cibsecurity/69098", "content": "\u203c CVE-2023-40176 \u203c\n\nXWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any registered user can exploit a stored XSS through their user profile by setting the payload as the value of the time zone user preference. Even though the time zone is selected from a drop down (no free text value) it can still be set from JavaScript (using the browser developer tools) or by calling the save URL on the user profile with the right query string. Once the time zone is set it is displayed without escaping which means the payload gets executed for any user that visits the malicious user profile, allowing the attacker to steal information and even gain more access rights (escalation to programming rights). This issue is present since version 4.1M2 when the time zone user preference was introduced. The issue has been fixed in XWiki 14.10.5 and 15.1RC1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-24T00:14:23.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ba8f481c-1536-42cd-a9d2-28850997525b/export</guid>
      <pubDate>Thu, 24 Aug 2023 00:14:23 +0000</pubDate>
    </item>
    <item>
      <title>d68f546d-ac43-4eda-872f-f0e3515d4ef6</title>
      <link>https://vulnerability.circl.lu/sighting/d68f546d-ac43-4eda-872f-f0e3515d4ef6/export</link>
      <description>{"uuid": "d68f546d-ac43-4eda-872f-f0e3515d4ef6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40178", "type": "seen", "source": "https://t.me/cibsecurity/69095", "content": "\u203c CVE-2023-40178 \u203c\n\nNode-SAML is a SAML library not dependent on any frameworks that runs in Node. The lack of checking of current timestamp allows a LogoutRequest XML to be reused multiple times even when the current time is past the NotOnOrAfter. This could impact the user where they would be logged out from an expired LogoutRequest. In bigger contexts, if LogoutRequests are sent out in mass to different SPs, this could impact many users on a large scale. This issue was patched in version 4.0.5.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-24T00:14:17.000000Z"}</description>
      <content:encoded>{"uuid": "d68f546d-ac43-4eda-872f-f0e3515d4ef6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40178", "type": "seen", "source": "https://t.me/cibsecurity/69095", "content": "\u203c CVE-2023-40178 \u203c\n\nNode-SAML is a SAML library not dependent on any frameworks that runs in Node. The lack of checking of current timestamp allows a LogoutRequest XML to be reused multiple times even when the current time is past the NotOnOrAfter. This could impact the user where they would be logged out from an expired LogoutRequest. In bigger contexts, if LogoutRequests are sent out in mass to different SPs, this could impact many users on a large scale. This issue was patched in version 4.0.5.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-24T00:14:17.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d68f546d-ac43-4eda-872f-f0e3515d4ef6/export</guid>
      <pubDate>Thu, 24 Aug 2023 00:14:17 +0000</pubDate>
    </item>
    <item>
      <title>56b046ff-cbff-44db-8332-ba95a882c838</title>
      <link>https://vulnerability.circl.lu/sighting/56b046ff-cbff-44db-8332-ba95a882c838/export</link>
      <description>{"uuid": "56b046ff-cbff-44db-8332-ba95a882c838", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40177", "type": "seen", "source": "https://t.me/cibsecurity/69091", "content": "\u203c CVE-2023-40177 \u203c\n\nXWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any registered user can use the content field of their user profile page to execute arbitrary scripts with programming rights, thus effectively performing rights escalation. This issue is present since version 4.3M2 when AppWithinMinutes Application added support for the Content field, allowing any wiki page (including the user profile page) to use its content as an AWM Content field, which has a custom displayer that executes the content with the rights of the ``AppWithinMinutes.Content`` author, rather than the rights of the content author. The vulnerability has been fixed in XWiki 14.10.5 and 15.1RC1. The fix is in the content of the AppWithinMinutes.Content page that defines the custom displayer. By using the ``display`` script service to render the content we make sure that the proper author is used for access rights checks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-24T00:14:12.000000Z"}</description>
      <content:encoded>{"uuid": "56b046ff-cbff-44db-8332-ba95a882c838", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40177", "type": "seen", "source": "https://t.me/cibsecurity/69091", "content": "\u203c CVE-2023-40177 \u203c\n\nXWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any registered user can use the content field of their user profile page to execute arbitrary scripts with programming rights, thus effectively performing rights escalation. This issue is present since version 4.3M2 when AppWithinMinutes Application added support for the Content field, allowing any wiki page (including the user profile page) to use its content as an AWM Content field, which has a custom displayer that executes the content with the rights of the ``AppWithinMinutes.Content`` author, rather than the rights of the content author. The vulnerability has been fixed in XWiki 14.10.5 and 15.1RC1. The fix is in the content of the AppWithinMinutes.Content page that defines the custom displayer. By using the ``display`` script service to render the content we make sure that the proper author is used for access rights checks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-24T00:14:12.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/56b046ff-cbff-44db-8332-ba95a882c838/export</guid>
      <pubDate>Thu, 24 Aug 2023 00:14:12 +0000</pubDate>
    </item>
    <item>
      <title>3a003d63-291e-4a84-8b91-c438a8fb0eb2</title>
      <link>https://vulnerability.circl.lu/sighting/3a003d63-291e-4a84-8b91-c438a8fb0eb2/export</link>
      <description>{"uuid": "3a003d63-291e-4a84-8b91-c438a8fb0eb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-40178", "type": "published-proof-of-concept", "source": "https://github.com/node-saml/node-saml/security/advisories/GHSA-vx8m-6fhw-pccw", "content": "", "creation_timestamp": "2023-08-19T02:52:08.000000Z"}</description>
      <content:encoded>{"uuid": "3a003d63-291e-4a84-8b91-c438a8fb0eb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-40178", "type": "published-proof-of-concept", "source": "https://github.com/node-saml/node-saml/security/advisories/GHSA-vx8m-6fhw-pccw", "content": "", "creation_timestamp": "2023-08-19T02:52:08.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3a003d63-291e-4a84-8b91-c438a8fb0eb2/export</guid>
      <pubDate>Sat, 19 Aug 2023 02:52:08 +0000</pubDate>
    </item>
    <item>
      <title>e11c8c22-382a-4ed0-815d-0fb12f6c173f</title>
      <link>https://vulnerability.circl.lu/sighting/e11c8c22-382a-4ed0-815d-0fb12f6c173f/export</link>
      <description>{"uuid": "e11c8c22-382a-4ed0-815d-0fb12f6c173f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40174", "type": "seen", "source": "https://t.me/cibsecurity/68854", "content": "\u203c CVE-2023-40174 \u203c\n\nSocial media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Insufficient session expiration is a web application security vulnerability that occurs when a web application does not properly manage the lifecycle of a user's session. Social media skeleton releases prior to 1.0.5 did not properly limit manage user session lifecycles. This issue has been addressed in version 1.0.5 and users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-19T02:38:40.000000Z"}</description>
      <content:encoded>{"uuid": "e11c8c22-382a-4ed0-815d-0fb12f6c173f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40174", "type": "seen", "source": "https://t.me/cibsecurity/68854", "content": "\u203c CVE-2023-40174 \u203c\n\nSocial media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Insufficient session expiration is a web application security vulnerability that occurs when a web application does not properly manage the lifecycle of a user's session. Social media skeleton releases prior to 1.0.5 did not properly limit manage user session lifecycles. This issue has been addressed in version 1.0.5 and users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-19T02:38:40.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e11c8c22-382a-4ed0-815d-0fb12f6c173f/export</guid>
      <pubDate>Sat, 19 Aug 2023 02:38:40 +0000</pubDate>
    </item>
    <item>
      <title>cf445142-0487-49bd-ab39-d853dc23abe4</title>
      <link>https://vulnerability.circl.lu/sighting/cf445142-0487-49bd-ab39-d853dc23abe4/export</link>
      <description>{"uuid": "cf445142-0487-49bd-ab39-d853dc23abe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40175", "type": "seen", "source": "https://t.me/cibsecurity/68853", "content": "\u203c CVE-2023-40175 \u203c\n\nPuma is a Ruby/Rack web server built for parallelism. Prior to versions 6.3.1 and 5.6.7, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers in a way that allowed HTTP request smuggling. Severity of this issue is highly dependent on the nature of the web site using puma is. This could be caused by either incorrect parsing of trailing fields in chunked transfer encoding bodies or by parsing of blank/zero-length Content-Length headers. Both issues have been addressed and this vulnerability has been fixed in versions 6.3.1 and 5.6.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-19T02:38:39.000000Z"}</description>
      <content:encoded>{"uuid": "cf445142-0487-49bd-ab39-d853dc23abe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40175", "type": "seen", "source": "https://t.me/cibsecurity/68853", "content": "\u203c CVE-2023-40175 \u203c\n\nPuma is a Ruby/Rack web server built for parallelism. Prior to versions 6.3.1 and 5.6.7, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers in a way that allowed HTTP request smuggling. Severity of this issue is highly dependent on the nature of the web site using puma is. This could be caused by either incorrect parsing of trailing fields in chunked transfer encoding bodies or by parsing of blank/zero-length Content-Length headers. Both issues have been addressed and this vulnerability has been fixed in versions 6.3.1 and 5.6.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-19T02:38:39.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/cf445142-0487-49bd-ab39-d853dc23abe4/export</guid>
      <pubDate>Sat, 19 Aug 2023 02:38:39 +0000</pubDate>
    </item>
    <item>
      <title>d5fba185-1193-43a0-9105-bf4c49d8429a</title>
      <link>https://vulnerability.circl.lu/sighting/d5fba185-1193-43a0-9105-bf4c49d8429a/export</link>
      <description>{"uuid": "d5fba185-1193-43a0-9105-bf4c49d8429a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40173", "type": "seen", "source": "https://t.me/cibsecurity/68852", "content": "\u203c CVE-2023-40173 \u203c\n\nSocial media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Prior to version 1.0.5 Social media skeleton did not properly salt passwords leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords. This issue has been addressed in version 1.0.5 and users are advised to upgrade. There are no known workarounds for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-19T02:38:38.000000Z"}</description>
      <content:encoded>{"uuid": "d5fba185-1193-43a0-9105-bf4c49d8429a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40173", "type": "seen", "source": "https://t.me/cibsecurity/68852", "content": "\u203c CVE-2023-40173 \u203c\n\nSocial media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Prior to version 1.0.5 Social media skeleton did not properly salt passwords leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords. This issue has been addressed in version 1.0.5 and users are advised to upgrade. There are no known workarounds for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-19T02:38:38.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d5fba185-1193-43a0-9105-bf4c49d8429a/export</guid>
      <pubDate>Sat, 19 Aug 2023 02:38:38 +0000</pubDate>
    </item>
    <item>
      <title>2e6cb94a-4f83-443b-b394-629b1b0c05f2</title>
      <link>https://vulnerability.circl.lu/sighting/2e6cb94a-4f83-443b-b394-629b1b0c05f2/export</link>
      <description>{"uuid": "2e6cb94a-4f83-443b-b394-629b1b0c05f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40172", "type": "seen", "source": "https://t.me/cibsecurity/68851", "content": "\u203c CVE-2023-40172 \u203c\n\nSocial media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. A Cross-site request forgery (CSRF) attack is a type of malicious attack whereby an attacker tricks a victim into performing an action on a website that they do not intend to do. This can be done by sending the victim a malicious link or by exploiting a vulnerability in the website. Prior to version 1.0.5 Social media skeleton did not properly restrict CSRF attacks. This has been addressed in version 1.0.5 and all users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-19T02:38:36.000000Z"}</description>
      <content:encoded>{"uuid": "2e6cb94a-4f83-443b-b394-629b1b0c05f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40172", "type": "seen", "source": "https://t.me/cibsecurity/68851", "content": "\u203c CVE-2023-40172 \u203c\n\nSocial media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. A Cross-site request forgery (CSRF) attack is a type of malicious attack whereby an attacker tricks a victim into performing an action on a website that they do not intend to do. This can be done by sending the victim a malicious link or by exploiting a vulnerability in the website. Prior to version 1.0.5 Social media skeleton did not properly restrict CSRF attacks. This has been addressed in version 1.0.5 and all users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-19T02:38:36.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/2e6cb94a-4f83-443b-b394-629b1b0c05f2/export</guid>
      <pubDate>Sat, 19 Aug 2023 02:38:36 +0000</pubDate>
    </item>
  </channel>
</rss>
