<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Thu, 16 Jul 2026 02:02:48 +0000</lastBuildDate>
    <item>
      <title>c0857f98-209f-4a40-88c2-fef6fad80ed5</title>
      <link>https://vulnerability.circl.lu/sighting/c0857f98-209f-4a40-88c2-fef6fad80ed5/export</link>
      <description>{"uuid": "c0857f98-209f-4a40-88c2-fef6fad80ed5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33959", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10503", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-33959\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service.\n\ud83d\udccf Published: 2023-01-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-04T17:31:14.663Z\n\ud83d\udd17 References:\n1. https://www.freebuf.com/articles/web/260338.html\n2. https://github.com/lixiang957/CVE-2021-33959", "creation_timestamp": "2025-04-04T17:36:06.000000Z"}</description>
      <content:encoded>{"uuid": "c0857f98-209f-4a40-88c2-fef6fad80ed5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33959", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10503", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-33959\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service.\n\ud83d\udccf Published: 2023-01-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-04T17:31:14.663Z\n\ud83d\udd17 References:\n1. https://www.freebuf.com/articles/web/260338.html\n2. https://github.com/lixiang957/CVE-2021-33959", "creation_timestamp": "2025-04-04T17:36:06.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c0857f98-209f-4a40-88c2-fef6fad80ed5/export</guid>
      <pubDate>Fri, 04 Apr 2025 17:36:06 +0000</pubDate>
    </item>
    <item>
      <title>c283cb4a-c048-4251-804f-657598eb184b</title>
      <link>https://vulnerability.circl.lu/sighting/c283cb4a-c048-4251-804f-657598eb184b/export</link>
      <description>{"uuid": "c283cb4a-c048-4251-804f-657598eb184b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33950", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7967", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-33950\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue discovered in OpenKM v6.3.10 allows attackers to obtain sensitive information via the XMLTextExtractor function.\n\ud83d\udccf Published: 2023-02-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T18:32:19.377Z\n\ud83d\udd17 References:\n1. https://github.com/openkm/document-management-system/pull/288\n2. https://github.com/openkm/document-management-system/issues/287\n3. https://github.com/openkm/document-management-system/commit/ce1d82329615aea6aa9f2cc6508c1fe7891e34b5", "creation_timestamp": "2025-03-18T19:03:04.000000Z"}</description>
      <content:encoded>{"uuid": "c283cb4a-c048-4251-804f-657598eb184b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33950", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7967", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-33950\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue discovered in OpenKM v6.3.10 allows attackers to obtain sensitive information via the XMLTextExtractor function.\n\ud83d\udccf Published: 2023-02-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T18:32:19.377Z\n\ud83d\udd17 References:\n1. https://github.com/openkm/document-management-system/pull/288\n2. https://github.com/openkm/document-management-system/issues/287\n3. https://github.com/openkm/document-management-system/commit/ce1d82329615aea6aa9f2cc6508c1fe7891e34b5", "creation_timestamp": "2025-03-18T19:03:04.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c283cb4a-c048-4251-804f-657598eb184b/export</guid>
      <pubDate>Tue, 18 Mar 2025 19:03:04 +0000</pubDate>
    </item>
    <item>
      <title>9a3eb74b-95c9-4ef8-af02-1d2fe22b9346</title>
      <link>https://vulnerability.circl.lu/sighting/9a3eb74b-95c9-4ef8-af02-1d2fe22b9346/export</link>
      <description>{"uuid": "9a3eb74b-95c9-4ef8-af02-1d2fe22b9346", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33950", "type": "seen", "source": "https://t.me/cibsecurity/58471", "content": "\u203c CVE-2021-33950 \u203c\n\nAn issue discovered in OpenKM v6.3.10 allows attackers to obtain sensitive information via the XMLTextExtractor function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T20:19:28.000000Z"}</description>
      <content:encoded>{"uuid": "9a3eb74b-95c9-4ef8-af02-1d2fe22b9346", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33950", "type": "seen", "source": "https://t.me/cibsecurity/58471", "content": "\u203c CVE-2021-33950 \u203c\n\nAn issue discovered in OpenKM v6.3.10 allows attackers to obtain sensitive information via the XMLTextExtractor function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T20:19:28.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9a3eb74b-95c9-4ef8-af02-1d2fe22b9346/export</guid>
      <pubDate>Fri, 17 Feb 2023 20:19:28 +0000</pubDate>
    </item>
    <item>
      <title>1cddc1e8-c89c-4a46-bde5-23268b9a7003</title>
      <link>https://vulnerability.circl.lu/sighting/1cddc1e8-c89c-4a46-bde5-23268b9a7003/export</link>
      <description>{"uuid": "1cddc1e8-c89c-4a46-bde5-23268b9a7003", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33959", "type": "seen", "source": "https://t.me/cibsecurity/56665", "content": "\u203c CVE-2021-33959 \u203c\n\nPlex media server 1.21 and before is vulnerable to ddos reflection attack via plex service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-18T16:21:02.000000Z"}</description>
      <content:encoded>{"uuid": "1cddc1e8-c89c-4a46-bde5-23268b9a7003", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33959", "type": "seen", "source": "https://t.me/cibsecurity/56665", "content": "\u203c CVE-2021-33959 \u203c\n\nPlex media server 1.21 and before is vulnerable to ddos reflection attack via plex service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-18T16:21:02.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1cddc1e8-c89c-4a46-bde5-23268b9a7003/export</guid>
      <pubDate>Wed, 18 Jan 2023 16:21:02 +0000</pubDate>
    </item>
    <item>
      <title>668f8ac8-15bf-44f6-b04b-009ca24d2bf7</title>
      <link>https://vulnerability.circl.lu/sighting/668f8ac8-15bf-44f6-b04b-009ca24d2bf7/export</link>
      <description>{"uuid": "668f8ac8-15bf-44f6-b04b-009ca24d2bf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3395", "type": "seen", "source": "https://t.me/cibsecurity/22981", "content": "\u203c CVE-2021-3395 \u203c\n\nA cross-site scripting (XSS) vulnerability in Pryaniki 6.44.3 allows remote authenticated users to upload an arbitrary file. The JavaScript code will execute when someone visits the attachment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-03T00:55:47.000000Z"}</description>
      <content:encoded>{"uuid": "668f8ac8-15bf-44f6-b04b-009ca24d2bf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3395", "type": "seen", "source": "https://t.me/cibsecurity/22981", "content": "\u203c CVE-2021-3395 \u203c\n\nA cross-site scripting (XSS) vulnerability in Pryaniki 6.44.3 allows remote authenticated users to upload an arbitrary file. The JavaScript code will execute when someone visits the attachment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-03T00:55:47.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/668f8ac8-15bf-44f6-b04b-009ca24d2bf7/export</guid>
      <pubDate>Wed, 03 Feb 2021 00:55:47 +0000</pubDate>
    </item>
  </channel>
</rss>
