{"vulnerability": "cve-2016-1108", "sightings": [{"uuid": "e6c3db19-853c-43df-854d-0670cde47237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-11086", "type": "seen", "source": "https://t.me/cibsecurity/14887", "content": "ATENTION\u203c New - CVE-2016-11086\n\nlib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby does not verify server X.509 certificates if a certificate bundle cannot be found, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-09-25T01:55:20.000000Z"}, {"uuid": "d0e0029b-102e-44fd-ac0d-a1079c6a64bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-11083", "type": "seen", "source": "https://t.me/cibsecurity/12936", "content": "ATENTION\u203c New - CVE-2016-11083\n\nAn issue was discovered in Mattermost Server before 2.2.0. It allows XSS because it configures files to be opened in a browser window.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-20T00:55:23.000000Z"}, {"uuid": "65637804-da48-41b9-a90f-a1d66397fe72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-11082", "type": "seen", "source": "https://t.me/cibsecurity/12937", "content": "ATENTION\u203c New - CVE-2016-11082\n\nAn issue was discovered in Mattermost Server before 2.2.0. It allows XSS via a crafted link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-20T00:55:24.000000Z"}, {"uuid": "4a972026-6a93-4f68-b517-52d7ff945bc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-11081", "type": "seen", "source": "https://t.me/cibsecurity/12938", "content": "ATENTION\u203c New - CVE-2016-11081\n\nAn issue was discovered in Mattermost Server before 2.2.0. It allows unintended access to information stored by a web browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-20T00:55:25.000000Z"}, {"uuid": "3da0808e-10fe-4831-be13-ab877096056c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-11080", "type": "seen", "source": "https://t.me/cibsecurity/12939", "content": "ATENTION\u203c New - CVE-2016-11080\n\nAn issue was discovered in Mattermost Server before 3.0.0. It offers superfluous APIs for a Team Administrator to view account details.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-20T00:55:26.000000Z"}, {"uuid": "c5e6ba94-4276-46bd-91b9-b36e7faf2980", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-11085", "type": "seen", "source": "https://t.me/cibsecurity/14155", "content": "ATENTION\u203c New - CVE-2016-11085\n\nphp/qmn_options_questions_tab.php in the quiz-master-next plugin before 4.7.9 for WordPress allows CSRF, with resultant stored XSS, via the question_name parameter because js/admin_question.js mishandles parsing inside of a SCRIPT element.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-08-16T22:55:14.000000Z"}, {"uuid": "1c0ae31b-dbe8-4901-b6e3-ea7cffa003da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-11084", "type": "seen", "source": "https://t.me/cibsecurity/12935", "content": "ATENTION\u203c New - CVE-2016-11084\n\nAn issue was discovered in Mattermost Server before 2.1.0. It allows XSS via CSRF.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-20T00:55:22.000000Z"}]}