https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 03 Jun 2026 23:29:05 +0000 https://vulnerability.circl.lu/sighting/18c33ded-22f3-4488-a11b-a21b8bac4057/export {"uuid": "18c33ded-22f3-4488-a11b-a21b8bac4057", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21260", "type": "seen", "source": "https://t.me/cibsecurity/22528", "content": "\u203c CVE-2021-21260 \u203c\n\nOnline Invoicing System (OIS) is open source software which is a lean invoicing system for small businesses, consultants and freelancers created using AppGini. In OIS version 4.0 there is a stored XSS which can enables an attacker takeover of the admin account through a payload that extracts a csrf token and sends a request to change password. It has been found that Item description is reflected without sanitization in app/items_view.php which enables the malicious scenario.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-22T20:29:24.000000Z"} {"uuid": "18c33ded-22f3-4488-a11b-a21b8bac4057", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21260", "type": "seen", "source": "https://t.me/cibsecurity/22528", "content": "\u203c CVE-2021-21260 \u203c\n\nOnline Invoicing System (OIS) is open source software which is a lean invoicing system for small businesses, consultants and freelancers created using AppGini. In OIS version 4.0 there is a stored XSS which can enables an attacker takeover of the admin account through a payload that extracts a csrf token and sends a request to change password. It has been found that Item description is reflected without sanitization in app/items_view.php which enables the malicious scenario.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-22T20:29:24.000000Z"} https://vulnerability.circl.lu/sighting/18c33ded-22f3-4488-a11b-a21b8bac4057/export Fri, 22 Jan 2021 20:29:24 +0000