{"vulnerability": "cve-2020-28071", "sightings": [{"uuid": "df55ab72-d31e-4f6f-8364-5d4e1aadeebd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-28071", "type": "seen", "source": "MISP/dab271fa-09e2-4c47-b782-e518ae4966c6", "content": "", "creation_timestamp": "2024-11-14T06:07:42.000000Z"}, {"uuid": "47ed469d-0082-4fb2-92ba-cdd9a5723efb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-28071", "type": "seen", "source": "https://t.me/cibsecurity/21241", "content": "\u203c CVE-2020-28071 \u203c\n\nSourceCodester Alumni Management System 1.0 is affected by cross-site Scripting (XSS) in /admin/gallery.php. After the admin authentication an attacker can upload an image in the gallery using a XSS payload in the description textarea called 'about' and reach a stored XSS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-23T21:12:58.000000Z"}]}