{"vulnerability": "CVE-2025-44024", "sightings": [{"uuid": "6698114d-557e-40bb-8c0f-f459dabb54a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-44024", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16422", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-44024\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Cross-Site Scripting (XSS) vulnerability was discovered in the Pichome system v2.1.0 and before. The vulnerability exists due to insufficient sanitization of user input in the login form. An attacker can inject malicious JavaScript code into the username or password fields during the login process\n\ud83d\udccf Published: 2025-05-14T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-14T20:45:41.467Z\n\ud83d\udd17 References:\n1. https://github.com/zyx0814/Pichome/issues/50", "creation_timestamp": "2025-05-14T21:32:29.000000Z"}, {"uuid": "40a90b56-6343-42c9-b8f9-2e590f14a667", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-44024", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp63wh32262h", "content": "", "creation_timestamp": "2025-05-14T22:57:23.549687Z"}]}