{"vulnerability": "CVE-2020-1366", "sightings": [{"uuid": "9f64ce5d-1300-491a-a652-49169db97543", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13665", "type": "seen", "source": "https://t.me/thehackernews/733", "content": "Just-in: PATCH NOW !!!\n\nDrupal releases updated versions (7.72, 8.8.8, 8.9.1 and 9.0.1) of its CMS software to patch 3 critical vulnerabilities:\n\n\u2705 RCE (CVE-2020-13664), \n\u2705 CSRF (CVE-2020-13663), \n\u2705 Access bypass (CVE-2020-13665)\n\nDetails: https://www.drupal.org/security", "creation_timestamp": "2020-06-17T21:56:34.000000Z"}, {"uuid": "a278978a-d0f1-438d-9eca-fd80b42eba77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13663", "type": "seen", "source": "https://t.me/thehackernews/733", "content": "Just-in: PATCH NOW !!!\n\nDrupal releases updated versions (7.72, 8.8.8, 8.9.1 and 9.0.1) of its CMS software to patch 3 critical vulnerabilities:\n\n\u2705 RCE (CVE-2020-13664), \n\u2705 CSRF (CVE-2020-13663), \n\u2705 Access bypass (CVE-2020-13665)\n\nDetails: https://www.drupal.org/security", "creation_timestamp": "2020-06-17T21:56:34.000000Z"}, {"uuid": "e87965b5-1a9d-468f-8a40-aa548b2408a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13664", "type": "seen", "source": "https://t.me/thehackernews/733", "content": "Just-in: PATCH NOW !!!\n\nDrupal releases updated versions (7.72, 8.8.8, 8.9.1 and 9.0.1) of its CMS software to patch 3 critical vulnerabilities:\n\n\u2705 RCE (CVE-2020-13664), \n\u2705 CSRF (CVE-2020-13663), \n\u2705 Access bypass (CVE-2020-13665)\n\nDetails: https://www.drupal.org/security", "creation_timestamp": "2020-06-17T21:56:34.000000Z"}, {"uuid": "41e2a245-1303-427d-b288-95cee7354f16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13669", "type": "seen", "source": "https://t.me/thehackernews/845", "content": "WARNING: Drupal releases patches for 4 newly discovered vulnerabilities, one of which is critical, and others are moderately critical in severity.\n\nhttps://www.drupal.org/security\n\nCVE-2020-13668\nCVE-2020-13670\nCVE-2020-13667\nCVE-2020-13669\n\nUpgrade to Drupal 8.8.10, 8.9.6, or 9.0.6.", "creation_timestamp": "2020-09-16T20:36:47.000000Z"}, {"uuid": "6178939d-900e-4a43-b09f-4e71ac5797b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13668", "type": "seen", "source": "https://t.me/thehackernews/845", "content": "WARNING: Drupal releases patches for 4 newly discovered vulnerabilities, one of which is critical, and others are moderately critical in severity.\n\nhttps://www.drupal.org/security\n\nCVE-2020-13668\nCVE-2020-13670\nCVE-2020-13667\nCVE-2020-13669\n\nUpgrade to Drupal 8.8.10, 8.9.6, or 9.0.6.", "creation_timestamp": "2020-09-16T20:36:47.000000Z"}, {"uuid": "9428d76c-e44b-48a1-8d59-50d249f6b2ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13667", "type": "seen", "source": "https://t.me/thehackernews/845", "content": "WARNING: Drupal releases patches for 4 newly discovered vulnerabilities, one of which is critical, and others are moderately critical in severity.\n\nhttps://www.drupal.org/security\n\nCVE-2020-13668\nCVE-2020-13670\nCVE-2020-13667\nCVE-2020-13669\n\nUpgrade to Drupal 8.8.10, 8.9.6, or 9.0.6.", "creation_timestamp": "2020-09-16T20:36:47.000000Z"}, {"uuid": "e144398d-df88-4425-8a04-b7849157a86b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13663", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2216", "content": "CMS Drupal Core (Drupal 9) Vulnerabilities\n- CVE-2020-13663:\nReflected DOM XSS in Rejected Forms (PoC)\nhttps://www.checkmarx.com/blog/drupal-core-behind-the-vulnerability-part-1-reflected-xss/\n- CVE-2020-13669:\nDefacement, Stored XSS, Self-XSS (PoC)\nhttps://www.checkmarx.com/blog/drupal-core-behind-the-vulnerability-part-2-defacement-stored-xss-and-self-xss", "creation_timestamp": "2020-12-03T11:10:05.000000Z"}, {"uuid": "fb141f0a-c42a-4e63-bdae-372480e39abb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13669", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2216", "content": "CMS Drupal Core (Drupal 9) Vulnerabilities\n- CVE-2020-13663:\nReflected DOM XSS in Rejected Forms (PoC)\nhttps://www.checkmarx.com/blog/drupal-core-behind-the-vulnerability-part-1-reflected-xss/\n- CVE-2020-13669:\nDefacement, Stored XSS, Self-XSS (PoC)\nhttps://www.checkmarx.com/blog/drupal-core-behind-the-vulnerability-part-2-defacement-stored-xss-and-self-xss", "creation_timestamp": "2020-12-03T11:10:05.000000Z"}, {"uuid": "6deef6d4-d3a5-4bef-974a-42db690aef61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13667", "type": "seen", "source": "https://t.me/alexmakus/3642", "content": "\u041f\u0430\u0442\u0447\u0438 \u0434\u043b\u044f Drupal, \u0443 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b 4 \u043d\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e: \n\nCVE-2020-13668\nCVE-2020-13670\nCVE-2020-13667\nCVE-2020-13669\n\n\u041f\u0435\u0440\u0435\u0445\u043e\u0434\u0438\u0442\u0435 \u043d\u0430 \u0441\u0432\u0435\u0442\u043b\u0443\u044e \u0441\u0442\u043e\u0440\u043e\u043d\u0443 Drupal 8.8.10, 8.9.6, \u0438\u043b\u0438 9.0.6.\n\nhttps://www.drupal.org/security", "creation_timestamp": "2020-09-17T05:50:07.000000Z"}, {"uuid": "1e6581c2-7b97-4139-8863-dd21c696de72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13669", "type": "seen", "source": "https://t.me/alexmakus/3642", "content": "\u041f\u0430\u0442\u0447\u0438 \u0434\u043b\u044f Drupal, \u0443 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b 4 \u043d\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e: \n\nCVE-2020-13668\nCVE-2020-13670\nCVE-2020-13667\nCVE-2020-13669\n\n\u041f\u0435\u0440\u0435\u0445\u043e\u0434\u0438\u0442\u0435 \u043d\u0430 \u0441\u0432\u0435\u0442\u043b\u0443\u044e \u0441\u0442\u043e\u0440\u043e\u043d\u0443 Drupal 8.8.10, 8.9.6, \u0438\u043b\u0438 9.0.6.\n\nhttps://www.drupal.org/security", "creation_timestamp": "2020-09-17T05:50:07.000000Z"}, {"uuid": "461808ad-59cf-48b3-add0-8a70d6a0d29f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13668", "type": "seen", "source": "https://t.me/alexmakus/3642", "content": "\u041f\u0430\u0442\u0447\u0438 \u0434\u043b\u044f Drupal, \u0443 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b 4 \u043d\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e: \n\nCVE-2020-13668\nCVE-2020-13670\nCVE-2020-13667\nCVE-2020-13669\n\n\u041f\u0435\u0440\u0435\u0445\u043e\u0434\u0438\u0442\u0435 \u043d\u0430 \u0441\u0432\u0435\u0442\u043b\u0443\u044e \u0441\u0442\u043e\u0440\u043e\u043d\u0443 Drupal 8.8.10, 8.9.6, \u0438\u043b\u0438 9.0.6.\n\nhttps://www.drupal.org/security", "creation_timestamp": "2020-09-17T05:50:07.000000Z"}]}