{"vulnerability": "cve-2020-2670", "sightings": [{"uuid": "b14e215d-03ae-42f6-ad3f-76fee465e9fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-26701", "type": "seen", "source": "https://t.me/cibsecurity/16458", "content": "\u203c CVE-2020-26701 \u203c\n\nCross-site scripting (XSS) vulnerability in Dashboards section in Kaa IoT Platform v1.2.0 allows remote attackers to inject malicious web scripts or HTML Injection payloads via the Description parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-17T20:39:13.000000Z"}, {"uuid": "320118e8-1f8f-4800-b233-b212ee4772f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-26708", "type": "seen", "source": "https://t.me/cibsecurity/65758", "content": "\u203c CVE-2020-26708 \u203c\n\nrequests-xml v0.2.3 was discovered to contain an XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a crafted XML file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-30T00:14:33.000000Z"}, {"uuid": "38f93a47-3b2f-44ea-85a3-5500fe81aae5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-26709", "type": "seen", "source": "https://t.me/cibsecurity/65764", "content": "\u203c CVE-2020-26709 \u203c\n\npy-xml v1.0 was discovered to contain an XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a crafted XML file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-30T00:14:41.000000Z"}, {"uuid": "2c1ab59c-dedf-4fea-b95f-ffaac7cc0bc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-26701", "type": "seen", "source": "https://t.me/cibsecurity/17330", "content": "\u203c CVE-2020-26701 \u203c\n\nCross-site scripting (XSS) vulnerability in Dashboards section in Kaa IoT Platform v1.2.0 allows remote attackers to inject malicious web scripts or HTML Injection payloads via the Description parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T02:45:18.000000Z"}, {"uuid": "3156d47f-afc5-489e-8eb3-9ae441001d81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-26701", "type": "seen", "source": "https://t.me/cibsecurity/17338", "content": "\u203c CVE-2020-26701 \u203c\n\nCross-site scripting (XSS) vulnerability in Dashboards section in Kaa IoT Platform v1.2.0 allows remote attackers to inject malicious web scripts or HTML Injection payloads via the Description parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T03:25:13.000000Z"}]}