<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-15T16:39:13.601329+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/de84d254-302f-48e8-8a52-0226b8a70434/export</id>
    <title>de84d254-302f-48e8-8a52-0226b8a70434</title>
    <updated>2026-07-15T16:39:13.626751+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "de84d254-302f-48e8-8a52-0226b8a70434", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-22983", "type": "seen", "source": "https://t.me/cibsecurity/42630", "content": "\u203c CVE-2020-22983 \u203c\n\nA Server-Side Request Forgery (SSRF) vulnerability exists in MicroStrategy Web SDK 11.1 and earlier, allows remote unauthenticated attackers to conduct a server-side request forgery (SSRF) attack via the srcURL parameter to the shortURL task.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-13T16:27:40.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/de84d254-302f-48e8-8a52-0226b8a70434/export"/>
    <published>2022-05-13T16:27:40+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7fff5ba6-f7c4-439c-b192-f70468d98ded/export</id>
    <title>7fff5ba6-f7c4-439c-b192-f70468d98ded</title>
    <updated>2026-07-15T16:39:13.628718+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7fff5ba6-f7c4-439c-b192-f70468d98ded", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-22985", "type": "seen", "source": "https://t.me/cibsecurity/42567", "content": "\u203c CVE-2020-22985 \u203c\n\nCross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-13T00:42:29.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7fff5ba6-f7c4-439c-b192-f70468d98ded/export"/>
    <published>2022-05-13T00:42:29+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d085a911-976d-476f-a5ac-7e8c54ab44b4/export</id>
    <title>d085a911-976d-476f-a5ac-7e8c54ab44b4</title>
    <updated>2026-07-15T16:39:13.628805+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d085a911-976d-476f-a5ac-7e8c54ab44b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-22986", "type": "seen", "source": "https://t.me/cibsecurity/42561", "content": "\u203c CVE-2020-22986 \u203c\n\nCross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the searchString parameter to the wikiScrapper task.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-13T00:42:24.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d085a911-976d-476f-a5ac-7e8c54ab44b4/export"/>
    <published>2022-05-13T00:42:24+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6fdb0614-99f6-45b8-a064-c8d4ab5c25a2/export</id>
    <title>6fdb0614-99f6-45b8-a064-c8d4ab5c25a2</title>
    <updated>2026-07-15T16:39:13.628873+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6fdb0614-99f6-45b8-a064-c8d4ab5c25a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-22987", "type": "seen", "source": "https://t.me/cibsecurity/42558", "content": "\u203c CVE-2020-22987 \u203c\n\nCross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the fileToUpload parameter to the uploadFile task.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-13T00:42:20.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6fdb0614-99f6-45b8-a064-c8d4ab5c25a2/export"/>
    <published>2022-05-13T00:42:20+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/99a86fdf-2832-4f96-ab6c-d3f130413be1/export</id>
    <title>99a86fdf-2832-4f96-ab6c-d3f130413be1</title>
    <updated>2026-07-15T16:39:13.628936+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "99a86fdf-2832-4f96-ab6c-d3f130413be1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-22984", "type": "seen", "source": "https://t.me/cibsecurity/42557", "content": "\u203c CVE-2020-22984 \u203c\n\nCross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via key parameter to the getGoogleExtraConfig task.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-13T00:42:18.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/99a86fdf-2832-4f96-ab6c-d3f130413be1/export"/>
    <published>2022-05-13T00:42:18+00:00</published>
  </entry>
</feed>
