https://db.gcve.eu/sightings/feed 2026-05-10T04:48:55.718454+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/bfaceb7f-7014-4a62-965c-4a8393e257dc/export 2026-05-10T04:48:56.107569+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "bfaceb7f-7014-4a62-965c-4a8393e257dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-38JP-HQG7-HHJ2", "type": "seen", "source": "https://t.me/arpsyndicate/801", "content": "#ExploitObserverAlert\n\nGHSA-38jp-hqg7-hhj2\n\nDESCRIPTION: Exploit Observer has 1 entries related to GHSA-38JP-HQG7-HHJ2. A Cross-Site Scripting (XSS) vulnerability has been found in Alumne LMS affecting version 4.0.0.1.08. An attacker could exploit the 'localidad' parameter to inject a custom JavaScript payload and partially take over another user's browser session, due to the lack of proper sanitisation of the 'localidad' field on the /users/editmy page.\n\nGHSS: 5.4", "creation_timestamp": "2023-11-30T08:27:33.000000Z"} 2023-11-30T08:27:33+00:00