{"vulnerability": "CVE-2025-1467", "sightings": [{"uuid": "0ac3ec53-bbb6-44c8-b6ea-ecbc908644b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1467", "type": "seen", "source": "Telegram/HOWrDrRtJJhI0lxzVstaqEvpdh1_Gh89a-PjhvLNEXtXBG3I", "content": "", "creation_timestamp": "2025-02-23T17:38:06.000000Z"}, {"uuid": "937081fe-1b81-4160-a372-bdf3ce672a13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-14673", "type": "seen", "source": "Telegram/y0eQAbUKuWo3WgNQ26iaWbPj3ea5ybOv03pwHsLfPooVzvs", "content": "", "creation_timestamp": "2026-01-12T15:02:17.000000Z"}, {"uuid": "a429c0a8-938f-4a3d-8e12-7cc54ee26b89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-14672", "type": "seen", "source": "Telegram/y0eQAbUKuWo3WgNQ26iaWbPj3ea5ybOv03pwHsLfPooVzvs", "content": "", "creation_timestamp": "2026-01-12T15:02:17.000000Z"}, {"uuid": "1de669e8-f130-489a-8464-1a18287e6229", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1467", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3liuob3s6hh2t", "content": "", "creation_timestamp": "2025-02-23T20:27:40.781885Z"}, {"uuid": "1777ed32-00b2-46ea-8396-250643a84231", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-14673", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/115718490887407319", "content": "", "creation_timestamp": "2025-12-14T14:54:03.464507Z"}, {"uuid": "12f094b2-9016-4115-842d-703d343cf43a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-14673", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/115724023770054135", "content": "", "creation_timestamp": "2025-12-15T14:21:08.546319Z"}, {"uuid": "3d571984-859f-423f-bc5b-0dc5d6dfdab9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-14675", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mghj627mz72u", "content": "", "creation_timestamp": "2026-03-07T09:27:41.910940Z"}, {"uuid": "3e56a837-186b-4e3c-ac50-890ce695ad59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1467", "type": "seen", "source": "https://t.me/cvedetector/18750", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-1467 - Tarteaucitronjs Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-1467 \nPublished : Feb. 23, 2025, 4:15 p.m. | 2\u00a0hours, 1\u00a0minute ago \nDescription : Versions of the package tarteaucitronjs before 1.17.0 are vulnerable to Cross-site Scripting (XSS) via the getElemWidth() and getElemHeight(). This is related to [SNYK-JS-TARTEAUCITRONJS-8366541]() \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-23T19:23:10.000000Z"}, {"uuid": "dacd44ba-38ee-41a9-9e9e-6000997caa12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1467", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5097", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-1467\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N/E:P)\n\ud83d\udd39 Description: Versions of the package tarteaucitronjs before 1.17.0 are vulnerable to Cross-site Scripting (XSS) via the getElemWidth() and getElemHeight(). This is related to [SNYK-JS-TARTEAUCITRONJS-8366541](https://security.snyk.io/vuln/SNYK-JS-TARTEAUCITRONJS-8366541)\n\ud83d\udccf Published: 2025-02-23T15:19:46.269Z\n\ud83d\udccf Modified: 2025-02-23T15:19:46.269Z\n\ud83d\udd17 References:\n1. https://security.snyk.io/vuln/SNYK-JS-TARTEAUCITRONJS-8731160\n2. https://github.com/AmauriC/tarteaucitron.js/commit/12490579001d5caa187adcaecb01da570a12076b\n3. https://github.com/AmauriC/tarteaucitron.js/issues/1184\n4. https://gist.github.com/Rudloff/d48f525215bd5426cbb076116c4422dd", "creation_timestamp": "2025-02-23T16:21:07.000000Z"}]}