{"vulnerability": "cve-2020-5497", "sightings": [{"uuid": "827fff49-7a24-4f86-98e0-65e3f68aa1e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-5497", "type": "seen", "source": "https://t.me/ctinow/211504", "content": "https://ift.tt/516EzTI\nCVE-2020-5497 | MITREid Connect up to 1.3.3 OpenID Connect Reference Implementation cross site scripting (ID 156574)", "creation_timestamp": "2024-03-19T14:11:54.000000Z"}, {"uuid": "5c86c207-5cc8-48ec-9a37-b14650554d71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-5497", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/713", "content": "#exploit                                                                                                                                CVE-2020-5497:\nMITREid Connect XSS\nVer. 1.3.3 and earlier is vulnerable to CSS; the users name is included in *topbar.tag* and *header.tag* without being sanitized.\nhttps://seclists.org/fulldisclosure/2020/Feb/25\nMITREid Connect - An OpenID Connect reference implementation in Java on the Spring platform:\nhttps://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server", "creation_timestamp": "2024-10-09T23:23:29.000000Z"}]}