https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 05 May 2026 01:06:35 +0000 https://db.gcve.eu/sighting/ba8a75d6-2f7a-418d-9510-c1bff22394df/export {"uuid": "ba8a75d6-2f7a-418d-9510-c1bff22394df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-37392", "type": "seen", "source": "https://t.me/cibsecurity/26508", "content": "\u203c CVE-2021-37392 \u203c\n\nIn RPCMS v1.8 and below, the \"nickname\" variable is not properly sanitized before being displayed on page. When the API functions are enabled, the attacker can use API to update user nickname with XSS payload and achieve stored XSS. Users who view the articles published by the injected user will trigger the XSS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-26T22:11:37.000000Z"} {"uuid": "ba8a75d6-2f7a-418d-9510-c1bff22394df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-37392", "type": "seen", "source": "https://t.me/cibsecurity/26508", "content": "\u203c CVE-2021-37392 \u203c\n\nIn RPCMS v1.8 and below, the \"nickname\" variable is not properly sanitized before being displayed on page. When the API functions are enabled, the attacker can use API to update user nickname with XSS payload and achieve stored XSS. Users who view the articles published by the injected user will trigger the XSS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-26T22:11:37.000000Z"} https://db.gcve.eu/sighting/ba8a75d6-2f7a-418d-9510-c1bff22394df/export Mon, 26 Jul 2021 22:11:37 +0000