{"vulnerability": "cve-2017-1278", "sightings": [{"uuid": "c2bc2312-cf5b-42e1-a4e3-512532bb5494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12788", "type": "seen", "source": "https://t.me/cibsecurity/4205", "content": "ATENTION\u203c New - CVE-2017-12788\n\nMultiple cross-site scripting (XSS) vulnerabilities in admin/index.php in Metinfo 5.3.18 allows remote attackers to inject arbitrary web script or HTML via the (1) class1 parameter or the (2) anyid parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-05-09T18:28:08.000000Z"}, {"uuid": "c97350fa-81df-4f0a-bf57-36058041337e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12789", "type": "seen", "source": "https://t.me/cibsecurity/4247", "content": "ATENTION\u203c New - CVE-2017-12789\n\nMetinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). The impact is: Information Disclosure (remote). The component is: admin/interface/online/delete.php. The attack vector is: The administrator clicks on the malicious link in the login state.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-05-10T18:32:13.000000Z"}]}