{"vulnerability": "cve-2020-2138", "sightings": [{"uuid": "4e61eb1e-530a-4b45-88b1-fd4337ee140a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-21386", "type": "seen", "source": "https://t.me/cibsecurity/29941", "content": "\u203c CVE-2020-21386 \u203c\n\nA Cross-Site Request Forgery (CSRF) in the component admin.php/admin/type/info.html of Maccms 10 allows attackers to gain administrator privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-05T00:29:59.000000Z"}, {"uuid": "7c4d1c0d-9257-49a1-a141-8ce3781ee017", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-21387", "type": "seen", "source": "https://t.me/cibsecurity/29936", "content": "\u203c CVE-2020-21387 \u203c\n\nA cross-site scripting (XSS) vulnerability in the parameter type_en of Maccms 10 allows attackers to obtain the administrator cookie and escalate privileges via a crafted payload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-05T00:29:39.000000Z"}]}