{"vulnerability": "CVE-2020-1594", "sightings": [{"uuid": "01ec4328-8403-45b7-9fe6-f7d20b580f38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15941", "type": "seen", "source": "https://t.me/cibsecurity/30029", "content": "\u203c CVE-2020-15941 \u203c\n\nA path traversal vulnerability [CWE-22] in FortiClientEMS versions 6.4.1 and below; 6.2.8 and below may allow an authenticated attacker to inject directory traversal character sequences to add/delete the files of the server via the name parameter of Deployment Packages.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-06T14:37:50.000000Z"}, {"uuid": "3b4c901d-bc12-43fe-a58f-4e4dfedcd411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15940", "type": "seen", "source": "https://t.me/cibsecurity/31633", "content": "\u203c CVE-2020-15940 \u203c\n\nAn improper neutralization of input vulnerability [CWE-79] in FortiClientEMS versions 6.4.1 and below and 6.2.9 and below may allow a remote authenticated attacker to inject malicious script/tags via the name parameter of various sections of the server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-02T21:23:25.000000Z"}, {"uuid": "07a3a5e3-1bd0-4291-996b-ef4dbf36e888", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15943", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/1532", "content": "#exploit\nAtlassian Jira &lt;=5.5.4/&lt;=5.5.3\nmodule \"Gantt-Chart for Jira\":\n\n1. CVE-2020-15944:\nCross-Site Scripting\nhttps://seclists.org/fulldisclosure/2020/Aug/1\n\n2. CVE-2020-15943:\nImproper Privilege Management\nhttps://seclists.org/fulldisclosure/2020/Aug/0", "creation_timestamp": "2024-10-17T18:08:05.000000Z"}, {"uuid": "c3e29e86-68d3-4d12-b0b8-4ef483179222", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15944", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/1532", "content": "#exploit\nAtlassian Jira &lt;=5.5.4/&lt;=5.5.3\nmodule \"Gantt-Chart for Jira\":\n\n1. CVE-2020-15944:\nCross-Site Scripting\nhttps://seclists.org/fulldisclosure/2020/Aug/1\n\n2. CVE-2020-15943:\nImproper Privilege Management\nhttps://seclists.org/fulldisclosure/2020/Aug/0", "creation_timestamp": "2024-10-17T18:08:05.000000Z"}, {"uuid": "67381070-90fd-4439-b76b-5cee463053cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15949", "type": "seen", "source": "https://t.me/cibsecurity/15864", "content": "\u203c CVE-2020-15949 \u203c\n\nImmuta v2.8.2 is affected by one instance of insecure permissions that can lead to user account takeover.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-05T18:49:14.000000Z"}]}