{"vulnerability": "cve-2024-2165", "sightings": [{"uuid": "a1c0274d-3816-4d65-9548-5e13893e2b13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21650", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7784", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aMass Exploit - CVE-2024-21650 - XWiki < Remote code execution (RCE)\nURL\uff1ahttps://github.com/codeb0ss/CVE-2024-21650-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-28T16:03:01.000000Z"}, {"uuid": "b59b5ded-b041-4dd6-a0d5-e122f65ab1c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21650", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lztuw3a3io2e", "content": "", "creation_timestamp": "2025-09-27T21:02:28.200237Z"}, {"uuid": "f2f73a4a-f034-4c7a-acd2-bb9de020d305", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2165", "type": "seen", "source": "https://t.me/arpsyndicate/4481", "content": "#ExploitObserverAlert\n\nCVE-2024-2165\n\nDESCRIPTION: Exploit Observer has 4 entries in 1 file formats related to CVE-2024-2165. The SEOPress \u2013 On-site SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image alt parameter in all versions up to, and including, 7.5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-04-11T08:34:00.000000Z"}, {"uuid": "30624ef0-9233-4d4c-8a22-634d02ba75f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21650", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/xwiki_cve_2024_21650", "content": "", "creation_timestamp": "2024-01-31T17:06:37.000000Z"}, {"uuid": "58df76d7-eb36-4700-a854-cf3df0594cb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21658", "type": "seen", "source": "https://t.me/cvedetector/4539", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-21658 - Discourse Calendar Insufficient Input Validation Denial of Service (DoS)\", \n  \"Content\": \"CVE ID : CVE-2024-21658 \nPublished : Aug. 30, 2024, 6:15 p.m. | 15\u00a0minutes ago \nDescription : discourse-calendar is a discourse plugin which adds the ability to create a dynamic calendar in the first post of a topic. The limit on region value length is too generous. This allows a malicious actor to cause a Discourse instance to use excessive bandwidth and disk space. This issue has been patched in main the main branch. There are no workarounds for this vulnerability. Please upgrade as soon as possible. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-30T20:39:59.000000Z"}, {"uuid": "7b8d1ce3-3087-4142-8011-9e8cc1c10cca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21654", "type": "seen", "source": "https://t.me/arpsyndicate/2820", "content": "#ExploitObserverAlert\n\nCVE-2024-21654\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-21654. Rubygems.org is the Ruby community's gem hosting service. Rubygems.org users with MFA enabled would normally be protected from account takeover in the case of email account takeover. However, a workaround on the forgotten password form allows an attacker to bypass the MFA requirement and takeover the account. This vulnerability has been patched in commit 0b3272a.", "creation_timestamp": "2024-01-16T01:31:14.000000Z"}, {"uuid": "97ab9ceb-75c5-43bd-b90e-8c5042f9efea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21652", "type": "seen", "source": "https://t.me/ctinow/210925", "content": "https://ift.tt/zsY5gMX\nCVE-2024-21652", "creation_timestamp": "2024-03-18T20:36:48.000000Z"}, {"uuid": "1b81df89-76db-4ef8-89ac-28b375a5a3bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21650", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1472", "content": "", "creation_timestamp": "2024-09-17T21:29:40.000000Z"}, {"uuid": "8c0b3370-c2ce-4a73-9f30-e22b1efc267e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21652", "type": "seen", "source": "https://t.me/ctinow/210869", "content": "https://ift.tt/5iYKrbl\nCVE-2024-21652", "creation_timestamp": "2024-03-18T19:27:09.000000Z"}, {"uuid": "ed5897b6-c7a8-49bf-8f61-75b372c383d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21653", "type": "seen", "source": "https://t.me/ctinow/176102", "content": "https://ift.tt/78neE0M\nCVE-2024-21653", "creation_timestamp": "2024-01-30T17:21:57.000000Z"}, {"uuid": "cdf2b6a6-c003-4be9-841f-b791d4905a56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21655", "type": "seen", "source": "https://t.me/ctinow/178335", "content": "https://ift.tt/FrWSLA7\nCVE-2024-21655 | Discourse up to 3.1.3/3.2.0.beta3 resource consumption (GHSA-m5fc-94mm-38fx)", "creation_timestamp": "2024-02-03T00:21:21.000000Z"}, {"uuid": "27e022a4-f483-45e8-80dd-d4e49ecd4f66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21654", "type": "seen", "source": "https://t.me/ctinow/178358", "content": "https://ift.tt/A3ZY1iH\nCVE-2024-21654 | RubyGems.org 2FA improper authentication (GHSA-4v23-vj8h-7jp2)", "creation_timestamp": "2024-02-03T02:26:53.000000Z"}, {"uuid": "92d64289-2888-4481-a2a7-7bcd04a45c08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21653", "type": "seen", "source": "https://t.me/ctinow/190528", "content": "https://ift.tt/NPJga7i\nCVE-2024-21653 | vantage6 up to 4.1.x SSH Service access control (GHSA-2wgc-48g2-cj5w)", "creation_timestamp": "2024-02-22T08:37:17.000000Z"}, {"uuid": "64b559b9-aa8a-4212-864b-90ff5cb9e645", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21654", "type": "seen", "source": "https://t.me/ctinow/168519", "content": "https://ift.tt/mX9n1qy\nCVE-2024-21654", "creation_timestamp": "2024-01-15T18:47:01.000000Z"}, {"uuid": "6a73a0ce-be87-497b-9c32-500566f335fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21651", "type": "seen", "source": "https://t.me/ctinow/173716", "content": "https://ift.tt/Fv04TyM\nCVE-2024-21651 | XWiki xwiki-platform-distribution-war Attachment denial of service (GHSA-8959-rfxh-r4j4)", "creation_timestamp": "2024-01-25T19:16:46.000000Z"}, {"uuid": "9bff6296-c1f9-4e23-8ee1-0295e1c3a4e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21650", "type": "seen", "source": "https://t.me/ctinow/173395", "content": "https://ift.tt/ZM0UL1T\nCVE-2024-21650 | XWiki xwiki-platform up to 14.10.16/15.5.2/15.7 User Registration first name/last name neutralization of directives", "creation_timestamp": "2024-01-25T12:11:22.000000Z"}, {"uuid": "dba58b1b-5212-42a6-8a8c-18891ee17353", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21655", "type": "seen", "source": "https://t.me/ctinow/167577", "content": "https://ift.tt/nHLVwKW\nCVE-2024-21655", "creation_timestamp": "2024-01-12T22:41:54.000000Z"}, {"uuid": "eef2d090-3f8a-4ad1-a378-59f2ffda30aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21654", "type": "seen", "source": "https://t.me/ctinow/167576", "content": "https://ift.tt/WnFmYAp\nCVE-2024-21654", "creation_timestamp": "2024-01-12T22:41:53.000000Z"}, {"uuid": "84c3e74b-39c4-46af-b90a-a04afd3d5b5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21650", "type": "seen", "source": "https://t.me/ctinow/166844", "content": "https://ift.tt/3WjnMdr\nCVE-2024-21650 Exploit", "creation_timestamp": "2024-01-11T21:17:18.000000Z"}, {"uuid": "f5f1b5d7-b45e-46d0-ab57-d0583205908d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21650", "type": "seen", "source": "https://t.me/ctinow/164516", "content": "https://ift.tt/zR6SiY2\nCVE-2024-21650", "creation_timestamp": "2024-01-08T17:21:29.000000Z"}, {"uuid": "821e9e08-fcc8-4ee9-838a-4458c1ffdf32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21651", "type": "seen", "source": "https://t.me/ctinow/164737", "content": "https://ift.tt/jbr425P\nCVE-2024-21651", "creation_timestamp": "2024-01-09T01:26:32.000000Z"}]}