{"vulnerability": "CVE-2025-29471", "sightings": [{"uuid": "4b441f0e-c7c0-48b0-8546-361eda42170d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29471", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11952", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29471\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Cross Site Scripting vulnerability in Nagios Log Server v.2024R1.3.1 allows a remote attacker to execute arbitrary code via a payload into the Email field.\n\ud83d\udccf Published: 2025-04-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-15T21:56:33.209Z\n\ud83d\udd17 References:\n1. https://youtu.be/MvJuIkdTSQg\n2. https://www.nagios.com/changelog/#log-server\n3. https://www.exploit-db.com/exploits/52117", "creation_timestamp": "2025-04-15T22:55:56.000000Z"}, {"uuid": "45e0e1d8-87ef-4646-b643-e50bec8a1db6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29471", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-09T13:26:57.000000Z"}, {"uuid": "addac4ad-2028-4bcc-8327-cf05a5dd3a7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29471", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmv5meqk2t2r", "content": "", "creation_timestamp": "2025-04-15T22:43:12.274418Z"}, {"uuid": "f72535f1-ad75-470a-9e33-86dc4f7d93fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29471", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-11T18:47:41.000000Z"}, {"uuid": "652366b7-b368-4515-b5c2-8df781decc20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29471", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/16127", "content": "\ud83d\udea8CVE-2025-29471: Stored XSS PoC\n\nCross Site Scripting vulnerability in Nagios Log Server v.2024R1.3.1 allows a remote attacker to execute arbitrary code via a payload into the Email field.\n\nCredit: youtube.com/@organics000", "creation_timestamp": "2025-04-16T01:01:37.000000Z"}, {"uuid": "58feb1f0-82e8-43aa-bd30-173d1112307f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29471", "type": "published-proof-of-concept", "source": "https://t.me/CybNux/7833", "content": "\ud83d\udea8CVE-2025-29471: Stored XSS PoC\n\n\u062a\u0633\u0645\u062d \u062b\u063a\u0631\u0629 Cross Site Scripting \u0641\u064a Nagios Log Server v.2024R1.3.1 \u0644\u0645\u0647\u0627\u062c\u0645 \u0639\u0646 \u0628\u0639\u062f \u0628\u062a\u0646\u0641\u064a\u0630 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0628\u0631\u0645\u062c\u064a\u0629 \u0639\u0634\u0648\u0627\u0626\u064a\u0629 \u0639\u0628\u0631 \u062d\u0645\u0648\u0644\u0629 \u0641\u064a \u062d\u0642\u0644 \u0627\u0644\u0628\u0631\u064a\u062f \u0627\u0644\u0625\u0644\u0643\u062a\u0631\u0648\u0646\u064a.", "creation_timestamp": "2025-04-16T02:06:11.000000Z"}]}