{"vulnerability": "cve-2020-1958", "sightings": [{"uuid": "af1abd06-4822-44c3-9df8-d9d4007d3a01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-1958", "type": "published-proof-of-concept", "source": "https://t.me/cKure/234", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 #CVE-2020-1958; A high severity #LDAP injection vulnerability in\u00a0#Apache #Druid\u00a00.17.0 allowing an attacker to bypass LDAP search filter and retrieve any LDAP attribute values of users that exist on the LDAP server.\n\nhttps://github.com/ggolawski/CVE-2020-1958/", "creation_timestamp": "2020-04-12T06:21:11.000000Z"}, {"uuid": "f981d10d-2b1e-4948-b339-38e46ae59820", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-19586", "type": "seen", "source": "https://t.me/cibsecurity/49759", "content": "\u203c CVE-2020-19586 \u203c\n\nIncorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-14T14:26:24.000000Z"}, {"uuid": "7f814a9d-0062-43a7-8498-4bdf87db389b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-19587", "type": "seen", "source": "https://t.me/cibsecurity/49758", "content": "\u203c CVE-2020-19587 \u203c\n\nCross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-14T14:26:23.000000Z"}]}