{"vulnerability": "CVE-2024-25895", "sightings": [{"uuid": "84d76a42-c321-47dc-8537-5c2416082048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25895", "type": "seen", "source": "https://t.me/arpsyndicate/4035", "content": "#ExploitObserverAlert\n\nCVE-2024-25895\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25895. A reflected cross-site scripting (XSS) vulnerability in ChurchCRM 5.5.0 allows remote attackers to inject arbitrary web script or HTML via the type parameter of /EventAttendance.php", "creation_timestamp": "2024-02-22T20:29:54.000000Z"}, {"uuid": "23ab1fef-e85e-4df7-983d-fd0552f4eb7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25895", "type": "seen", "source": "https://t.me/ctinow/206536", "content": "https://ift.tt/IVN3nS5\nCVE-2024-25895 | ChurchCRM 5.5.0 /EventAttendance.php type cross site scripting (Issue 6853)", "creation_timestamp": "2024-03-13T10:41:08.000000Z"}, {"uuid": "4d1cf648-ce94-4ffb-bfc0-a1a76869d860", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25895", "type": "seen", "source": "https://t.me/ctinow/189971", "content": "https://ift.tt/Yv1m3wS\nCVE-2024-25895", "creation_timestamp": "2024-02-21T19:21:59.000000Z"}, {"uuid": "d3ccbcc0-4e54-4f92-91fe-51601cf9dc27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25895", "type": "seen", "source": "https://t.me/ctinow/189984", "content": "https://ift.tt/Yv1m3wS\nCVE-2024-25895", "creation_timestamp": "2024-02-21T19:26:31.000000Z"}]}