{"vulnerability": "cve-2017-18635", "sightings": [{"uuid": "26134b7d-ccdf-4add-b94a-b79a69734116", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-18635", "type": "seen", "source": "https://t.me/arpsyndicate/250", "content": "#ExploitObserverAlert\n\nCVE-2017-18635\n\nDESCRIPTION: Exploit Observer has 14 entries related to CVE-2017-18635. An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.\n\nFIRST-EPSS: 0.005060000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2023-11-17T09:36:14.000000Z"}, {"uuid": "15ef3a03-583a-4708-af9f-09b2974a4120", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-18635", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/6077", "content": "Exploiting an old noVNC XSS (CVE-2017-18635) in OpenStack\nhttps://www.shielder.it/blog/exploiting-an-old-novnc-xss-cve-2017-18635-in-openstack/", "creation_timestamp": "2019-10-22T11:28:04.000000Z"}]}