{"vulnerability": "CVE-2020-13663", "sightings": [{"uuid": "a278978a-d0f1-438d-9eca-fd80b42eba77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13663", "type": "seen", "source": "https://t.me/thehackernews/733", "content": "Just-in: PATCH NOW !!!\n\nDrupal releases updated versions (7.72, 8.8.8, 8.9.1 and 9.0.1) of its CMS software to patch 3 critical vulnerabilities:\n\n\u2705 RCE (CVE-2020-13664), \n\u2705 CSRF (CVE-2020-13663), \n\u2705 Access bypass (CVE-2020-13665)\n\nDetails: https://www.drupal.org/security", "creation_timestamp": "2020-06-17T21:56:34.000000Z"}, {"uuid": "e144398d-df88-4425-8a04-b7849157a86b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13663", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2216", "content": "CMS Drupal Core (Drupal 9) Vulnerabilities\n- CVE-2020-13663:\nReflected DOM XSS in Rejected Forms (PoC)\nhttps://www.checkmarx.com/blog/drupal-core-behind-the-vulnerability-part-1-reflected-xss/\n- CVE-2020-13669:\nDefacement, Stored XSS, Self-XSS (PoC)\nhttps://www.checkmarx.com/blog/drupal-core-behind-the-vulnerability-part-2-defacement-stored-xss-and-self-xss", "creation_timestamp": "2020-12-03T11:10:05.000000Z"}]}