{"vulnerability": "CVE-2020-2239", "sightings": [{"uuid": "3e75590a-3909-4753-9a92-1f7c3e4d9ef4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-22392", "type": "seen", "source": "https://t.me/cibsecurity/26916", "content": "\u203c CVE-2020-22392 \u203c\n\nCross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.2 when adding a blog and then editing an image file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-06T02:42:52.000000Z"}, {"uuid": "5d3c8012-f9b3-414d-b8eb-1c176f44f8b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-22390", "type": "seen", "source": "https://t.me/cibsecurity/25575", "content": "\u203c CVE-2020-22390 \u203c\n\nAkaunting &lt;= 2.0.9 is vulnerable to CSV injection in the Item name field, export function. Attackers can inject arbitrary code into the name parameter and perform code execution when the crafted file is opened.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-21T18:15:16.000000Z"}, {"uuid": "8df8db55-61e2-45cf-b1ec-6b7ad0d75770", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-22394", "type": "seen", "source": "https://t.me/cibsecurity/16610", "content": "\u203c CVE-2020-22394 \u203c\n\nIn YzmCMS v5.5 the member contribution function in the editor contains a cross-site scripting (XSS) vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-19T20:41:49.000000Z"}]}