<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://db.gcve.eu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-05T23:39:30.232659+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@gcve.eu</email>
  </author>
  <link href="https://db.gcve.eu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://db.gcve.eu/sighting/aad877ef-0181-45b4-9e61-8ef5ad889f26/export</id>
    <title>aad877ef-0181-45b4-9e61-8ef5ad889f26</title>
    <updated>2026-07-05T23:39:30.237386+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "aad877ef-0181-45b4-9e61-8ef5ad889f26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-5MWP-XW7P-5J27", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12751", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23512\n\ud83d\udd25 CVSS Score: 7.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N)\n\ud83d\udd39 Description: MeterSphere is a one-stop open source continuous testing platform. Versions prior to 2.4.1 are vulnerable to Path Injection in ApiTestCaseService::deleteBodyFiles which takes a user-controlled string id and passes it to ApiTestCaseService, which uses the user-provided value (testId) in new File(BODY_FILE_DIR + \"/\" + testId), being deleted later by file.delete(). By adding some camouflage parameters to the url, an attacker can target files on the server. The vulnerability has been fixed in v2.4.1.\n\ud83d\udccf Published: 2022-12-14T13:09:36.800Z\n\ud83d\udccf Modified: 2025-04-21T19:20:37.099Z\n\ud83d\udd17 References:\n1. https://github.com/metersphere/metersphere/security/advisories/GHSA-5mwp-xw7p-5j27", "creation_timestamp": "2025-04-21T20:03:23.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/aad877ef-0181-45b4-9e61-8ef5ad889f26/export"/>
    <published>2025-04-21T20:03:23+00:00</published>
  </entry>
</feed>
