{"vulnerability": "CVE-2020-1395", "sightings": [{"uuid": "917bac5c-3c51-4338-b33a-3fcaf5b4bf5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13951", "type": "seen", "source": "MISP/bc6be4fd-d08a-4c57-ba21-ef6a25ac8c94", "content": "", "creation_timestamp": "2024-11-14T06:07:19.000000Z"}, {"uuid": "eee0cc13-854c-465a-8b34-66127a295d11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13956", "type": "seen", "source": "https://gist.github.com/LavrukhinaV/1f757155d7df99b50b544dacd84e2d60", "content": "", "creation_timestamp": "2025-12-14T13:56:04.000000Z"}, {"uuid": "792f747d-a6c5-4545-a115-0c5490986d3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13956", "type": "seen", "source": "https://gist.github.com/might-might/40e680f1f9ce10e8b91c6629d1f0fec9", "content": "", "creation_timestamp": "2025-12-13T20:32:11.000000Z"}, {"uuid": "3d0fcc3c-363e-4dda-a4c1-9a8bb95fe242", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13956", "type": "seen", "source": "https://gist.github.com/might-might/7893a493252338fe360077f6f10e55e2", "content": "", "creation_timestamp": "2025-12-13T20:32:46.000000Z"}, {"uuid": "5b02703a-4a3b-432c-92e4-aa0842d69948", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13956", "type": "seen", "source": "https://t.me/cibsecurity/17046", "content": "\u203c CVE-2020-13956 \u203c\n\nApache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-02T20:55:16.000000Z"}, {"uuid": "a596eae2-7e0a-4d19-9604-447310f8c46c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13956", "type": "seen", "source": "https://gist.github.com/Butters7/e65bcd1f3d9095d96764c7a4c79b936a", "content": "", "creation_timestamp": "2026-01-14T22:24:35.000000Z"}, {"uuid": "adf99a0b-ed06-4394-aa3d-bf87ab8d7578", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13950", "type": "seen", "source": "Telegram/Hf_SunJuoYNf_bsQCJ20cuXyI7bzH8EMEXzusn30k3vpXeQ", "content": "", "creation_timestamp": "2024-10-15T10:14:15.000000Z"}, {"uuid": "9f7b3492-06bc-4707-9216-b0022efda86a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13954", "type": "seen", "source": "https://t.me/arpsyndicate/132", "content": "#ExploitObserverAlert\n\nCVE-2020-13954\n\nDESCRIPTION: Exploit Observer has 17 entries related to CVE-2020-13954. By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web page. This vulnerability affects all versions of Apache CXF prior to 3.4.1 and 3.3.8. Please note that this is a separate issue to CVE-2019-17573.\n\nFIRST-EPSS: 0.165290000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2023-11-12T19:05:42.000000Z"}, {"uuid": "bd0a3cb4-e91c-4518-ae21-ff7a1bea0060", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13955", "type": "seen", "source": "https://t.me/cibsecurity/15179", "content": "\u203c CVE-2020-13955 \u203c\n\nHttpUtils#getURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. Calcite uses internally this method to connect with Druid and Splunk so information leakage may happen when using the respective Calcite adapters. The method itself is in a utility class so people may use it to create vulnerable HTTPS connections for other applications. From Apache Calcite 1.26 onwards, the hostname verification will be performed using the default JVM truststore.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-10-09T16:33:21.000000Z"}, {"uuid": "09326330-74ab-4a33-8fe2-f551bd816825", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13958", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2095", "content": "#exploit\n1. CVE-2020-13958:\nApache OpenOffice 4 <=4.1.7 - RCE\nhttps://github.com/irsl/apache-openoffice-rce-via-uno-links\n\n2. CVE-2020-15349, CVE-2020-27192:\nForklift <=3.3.9, <=3.4 - LPE on macOS\nhttps://insinuator.net/2020/11/forklift-lpe", "creation_timestamp": "2023-04-23T12:57:57.000000Z"}, {"uuid": "57ca2211-0b3d-4882-bf6b-823b45688700", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13954", "type": "seen", "source": "https://t.me/cibsecurity/16206", "content": "\u203c CVE-2020-13954 \u203c\n\nBy default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web page. This vulnerability affects all versions of Apache CXF prior to 3.4.1 and 3.3.8. Please note that this is a separate issue to CVE-2019-17573.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-12T16:31:39.000000Z"}, {"uuid": "0e239de5-0ab2-4983-9b24-4a04da49a2e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13958", "type": "seen", "source": "https://t.me/cibsecurity/16449", "content": "\u203c CVE-2020-13958 \u203c\n\nA vulnerability in Apache OpenOffice scripting events allows an attacker to construct documents containing hyperlinks pointing to an executable on the target users file system. These hyperlinks can be triggered unconditionally. In fixed versions no internal protocol may be called from the document event handler and other hyperlinks require a control-click.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-17T18:39:12.000000Z"}]}