<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Thu, 16 Jul 2026 08:23:12 +0000</lastBuildDate>
    <item>
      <title>c510b0a8-7458-405b-89b8-d60c59d2bd81</title>
      <link>https://vulnerability.circl.lu/sighting/c510b0a8-7458-405b-89b8-d60c59d2bd81/export</link>
      <description>{"uuid": "c510b0a8-7458-405b-89b8-d60c59d2bd81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2720", "type": "seen", "source": "https://t.me/cibsecurity/51256", "content": "\u203c CVE-2022-2720 \u203c\n\nIn affected versions of Octopus Server it was identified that when a sensitive value is a substring of another value, sensitive value masking will only partially work.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-12T12:40:50.000000Z"}</description>
      <content:encoded>{"uuid": "c510b0a8-7458-405b-89b8-d60c59d2bd81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2720", "type": "seen", "source": "https://t.me/cibsecurity/51256", "content": "\u203c CVE-2022-2720 \u203c\n\nIn affected versions of Octopus Server it was identified that when a sensitive value is a substring of another value, sensitive value masking will only partially work.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-12T12:40:50.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c510b0a8-7458-405b-89b8-d60c59d2bd81/export</guid>
      <pubDate>Wed, 12 Oct 2022 12:40:50 +0000</pubDate>
    </item>
    <item>
      <title>8cb4774c-06ca-45eb-a56f-cc209a331880</title>
      <link>https://vulnerability.circl.lu/sighting/8cb4774c-06ca-45eb-a56f-cc209a331880/export</link>
      <description>{"uuid": "8cb4774c-06ca-45eb-a56f-cc209a331880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27200", "type": "seen", "source": "https://t.me/cibsecurity/38953", "content": "\u203c CVE-2022-27200 \u203c\n\nJenkins Folder-based Authorization Strategy Plugin 1.3 and earlier does not escape the names of roles shown on the configuration form, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:48.000000Z"}</description>
      <content:encoded>{"uuid": "8cb4774c-06ca-45eb-a56f-cc209a331880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27200", "type": "seen", "source": "https://t.me/cibsecurity/38953", "content": "\u203c CVE-2022-27200 \u203c\n\nJenkins Folder-based Authorization Strategy Plugin 1.3 and earlier does not escape the names of roles shown on the configuration form, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:48.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/8cb4774c-06ca-45eb-a56f-cc209a331880/export</guid>
      <pubDate>Tue, 15 Mar 2022 19:19:48 +0000</pubDate>
    </item>
    <item>
      <title>74ef399e-de1a-4493-a33e-75a59c5ad52a</title>
      <link>https://vulnerability.circl.lu/sighting/74ef399e-de1a-4493-a33e-75a59c5ad52a/export</link>
      <description>{"uuid": "74ef399e-de1a-4493-a33e-75a59c5ad52a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27204", "type": "seen", "source": "https://t.me/cibsecurity/38946", "content": "\u203c CVE-2022-27204 \u203c\n\nA cross-site request forgery vulnerability in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers to connect to an attacker-specified URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:40.000000Z"}</description>
      <content:encoded>{"uuid": "74ef399e-de1a-4493-a33e-75a59c5ad52a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27204", "type": "seen", "source": "https://t.me/cibsecurity/38946", "content": "\u203c CVE-2022-27204 \u203c\n\nA cross-site request forgery vulnerability in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers to connect to an attacker-specified URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:40.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/74ef399e-de1a-4493-a33e-75a59c5ad52a/export</guid>
      <pubDate>Tue, 15 Mar 2022 19:19:40 +0000</pubDate>
    </item>
    <item>
      <title>43720ef4-395a-4f6b-ae6e-b4526835df8c</title>
      <link>https://vulnerability.circl.lu/sighting/43720ef4-395a-4f6b-ae6e-b4526835df8c/export</link>
      <description>{"uuid": "43720ef4-395a-4f6b-ae6e-b4526835df8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27208", "type": "seen", "source": "https://t.me/cibsecurity/38945", "content": "\u203c CVE-2022-27208 \u203c\n\nJenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows users with Credentials/Create permission to read arbitrary files on the Jenkins controller.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:39.000000Z"}</description>
      <content:encoded>{"uuid": "43720ef4-395a-4f6b-ae6e-b4526835df8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27208", "type": "seen", "source": "https://t.me/cibsecurity/38945", "content": "\u203c CVE-2022-27208 \u203c\n\nJenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows users with Credentials/Create permission to read arbitrary files on the Jenkins controller.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:39.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/43720ef4-395a-4f6b-ae6e-b4526835df8c/export</guid>
      <pubDate>Tue, 15 Mar 2022 19:19:39 +0000</pubDate>
    </item>
    <item>
      <title>71a0abd6-5aa2-4c29-972c-9a4b3a988a17</title>
      <link>https://vulnerability.circl.lu/sighting/71a0abd6-5aa2-4c29-972c-9a4b3a988a17/export</link>
      <description>{"uuid": "71a0abd6-5aa2-4c29-972c-9a4b3a988a17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27205", "type": "seen", "source": "https://t.me/cibsecurity/38943", "content": "\u203c CVE-2022-27205 \u203c\n\nA missing permission check in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:34.000000Z"}</description>
      <content:encoded>{"uuid": "71a0abd6-5aa2-4c29-972c-9a4b3a988a17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27205", "type": "seen", "source": "https://t.me/cibsecurity/38943", "content": "\u203c CVE-2022-27205 \u203c\n\nA missing permission check in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:34.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/71a0abd6-5aa2-4c29-972c-9a4b3a988a17/export</guid>
      <pubDate>Tue, 15 Mar 2022 19:19:34 +0000</pubDate>
    </item>
    <item>
      <title>ec24e333-5c64-40e7-a6fb-205f15beda56</title>
      <link>https://vulnerability.circl.lu/sighting/ec24e333-5c64-40e7-a6fb-205f15beda56/export</link>
      <description>{"uuid": "ec24e333-5c64-40e7-a6fb-205f15beda56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27207", "type": "seen", "source": "https://t.me/cibsecurity/38939", "content": "\u203c CVE-2022-27207 \u203c\n\nJenkins global-build-stats Plugin 1.5 and earlier does not escape multiple fields in the chart configuration on the 'Global Build Stats' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:30.000000Z"}</description>
      <content:encoded>{"uuid": "ec24e333-5c64-40e7-a6fb-205f15beda56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27207", "type": "seen", "source": "https://t.me/cibsecurity/38939", "content": "\u203c CVE-2022-27207 \u203c\n\nJenkins global-build-stats Plugin 1.5 and earlier does not escape multiple fields in the chart configuration on the 'Global Build Stats' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:30.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ec24e333-5c64-40e7-a6fb-205f15beda56/export</guid>
      <pubDate>Tue, 15 Mar 2022 19:19:30 +0000</pubDate>
    </item>
    <item>
      <title>271ade47-c382-4c47-b541-b3f640527fa1</title>
      <link>https://vulnerability.circl.lu/sighting/271ade47-c382-4c47-b541-b3f640527fa1/export</link>
      <description>{"uuid": "271ade47-c382-4c47-b541-b3f640527fa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27202", "type": "seen", "source": "https://t.me/cibsecurity/38938", "content": "\u203c CVE-2022-27202 \u203c\n\nJenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier does not escape the value and description of extended choice parameters of radio buttons or check boxes type, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:29.000000Z"}</description>
      <content:encoded>{"uuid": "271ade47-c382-4c47-b541-b3f640527fa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27202", "type": "seen", "source": "https://t.me/cibsecurity/38938", "content": "\u203c CVE-2022-27202 \u203c\n\nJenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier does not escape the value and description of extended choice parameters of radio buttons or check boxes type, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T19:19:29.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/271ade47-c382-4c47-b541-b3f640527fa1/export</guid>
      <pubDate>Tue, 15 Mar 2022 19:19:29 +0000</pubDate>
    </item>
  </channel>
</rss>
