{"vulnerability": "CVE-2019-17573", "sightings": [{"uuid": "8e83d4e4-ceba-4b2a-b64a-42d4581ba7e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-17573", "type": "seen", "source": "https://t.me/arpsyndicate/132", "content": "#ExploitObserverAlert\n\nCVE-2020-13954\n\nDESCRIPTION: Exploit Observer has 17 entries related to CVE-2020-13954. By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web page. This vulnerability affects all versions of Apache CXF prior to 3.4.1 and 3.3.8. Please note that this is a separate issue to CVE-2019-17573.\n\nFIRST-EPSS: 0.165290000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2023-11-12T19:05:42.000000Z"}, {"uuid": "a045ccb5-8001-4849-ab13-06cb02423ab5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-17573", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwwto2ju6z2t", "content": "", "creation_timestamp": "2025-08-21T21:02:31.250522Z"}, {"uuid": "9a6aaf3b-f906-48c7-9e01-973e8a2a29b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-17573", "type": "seen", "source": "https://t.me/cibsecurity/16206", "content": "\u203c CVE-2020-13954 \u203c\n\nBy default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web page. This vulnerability affects all versions of Apache CXF prior to 3.4.1 and 3.3.8. Please note that this is a separate issue to CVE-2019-17573.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-12T16:31:39.000000Z"}]}