{"vulnerability": "CVE-2025-27823", "sightings": [{"uuid": "7a796ac3-4f9b-419c-9641-ec85846444b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27823", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-16T01:45:14.000000Z"}, {"uuid": "9c165228-a564-46bb-987e-e505c1a8afe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27823", "type": "seen", "source": "https://t.me/cvedetector/19862", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27823 - Backdrop CMS Mail Disguise Module XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27823 \nPublished : March 7, 2025, 10:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : An issue was discovered in the Mail Disguise module before 1.x-1.0.5 for Backdrop CMS. It enables a website to obfuscate email addresses, and should prevent spambots from collecting them. The module doesn't sufficiently validate the data attribute value on links, potentially leading to a Cross Site Scripting (XSS) vulnerability. This is mitigated by the fact an attacker must be able to insert link () HTML elements containing data attributes into the page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-08T00:58:41.000000Z"}, {"uuid": "fe69f2ad-50c8-40bb-b93d-7e35e3186640", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27823", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-19T04:06:35.000000Z"}]}