https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sat, 27 Jun 2026 06:11:25 +0000 https://vulnerability.circl.lu/sighting/1da58251-ec7d-4ed6-808c-8d08adaff7aa/export {"uuid": "1da58251-ec7d-4ed6-808c-8d08adaff7aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22863", "type": "seen", "source": "https://t.me/cibsecurity/56705", "content": "\u203c CVE-2023-22863 \u203c\n\nIBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in the URL. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 244109.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-18T22:21:40.000000Z"} {"uuid": "1da58251-ec7d-4ed6-808c-8d08adaff7aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22863", "type": "seen", "source": "https://t.me/cibsecurity/56705", "content": "\u203c CVE-2023-22863 \u203c\n\nIBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in the URL. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 244109.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-18T22:21:40.000000Z"} https://vulnerability.circl.lu/sighting/1da58251-ec7d-4ed6-808c-8d08adaff7aa/export Wed, 18 Jan 2023 22:21:40 +0000 https://vulnerability.circl.lu/sighting/406215ca-53e3-4a21-9bbb-2db5c80a861e/export {"uuid": "406215ca-53e3-4a21-9bbb-2db5c80a861e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22868", "type": "seen", "source": "https://t.me/cibsecurity/58458", "content": "\u203c CVE-2023-22868 \u203c\n\nIBM Aspera Faspex 4.4.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244117.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T20:13:30.000000Z"} {"uuid": "406215ca-53e3-4a21-9bbb-2db5c80a861e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22868", "type": "seen", "source": "https://t.me/cibsecurity/58458", "content": "\u203c CVE-2023-22868 \u203c\n\nIBM Aspera Faspex 4.4.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244117.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T20:13:30.000000Z"} https://vulnerability.circl.lu/sighting/406215ca-53e3-4a21-9bbb-2db5c80a861e/export Fri, 17 Feb 2023 20:13:30 +0000 https://vulnerability.circl.lu/sighting/2426d673-8cc4-4a85-a948-62b01f20910c/export {"uuid": "2426d673-8cc4-4a85-a948-62b01f20910c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22860", "type": "seen", "source": "https://t.me/cibsecurity/58950", "content": "\u203c CVE-2023-22860 \u203c\n\nIBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244100.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-27T18:27:52.000000Z"} {"uuid": "2426d673-8cc4-4a85-a948-62b01f20910c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22860", "type": "seen", "source": "https://t.me/cibsecurity/58950", "content": "\u203c CVE-2023-22860 \u203c\n\nIBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244100.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-27T18:27:52.000000Z"} https://vulnerability.circl.lu/sighting/2426d673-8cc4-4a85-a948-62b01f20910c/export Mon, 27 Feb 2023 18:27:52 +0000 https://vulnerability.circl.lu/sighting/b1f9d60b-7f68-427e-9e22-52030cb26104/export {"uuid": "b1f9d60b-7f68-427e-9e22-52030cb26104", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22862", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/817", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22862\n\ud83d\udd39 Description: IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.\n\ud83d\udccf Published: 2023-06-04T23:42:57.221Z\n\ud83d\udccf Modified: 2025-01-08T19:50:48.115Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7001053", "creation_timestamp": "2025-01-08T20:14:16.000000Z"} {"uuid": "b1f9d60b-7f68-427e-9e22-52030cb26104", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22862", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/817", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22862\n\ud83d\udd39 Description: IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.\n\ud83d\udccf Published: 2023-06-04T23:42:57.221Z\n\ud83d\udccf Modified: 2025-01-08T19:50:48.115Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7001053", "creation_timestamp": "2025-01-08T20:14:16.000000Z"} https://vulnerability.circl.lu/sighting/b1f9d60b-7f68-427e-9e22-52030cb26104/export Wed, 08 Jan 2025 20:14:16 +0000 https://vulnerability.circl.lu/sighting/a17c9f34-7d7a-42ae-b09a-f0c71bad70d9/export {"uuid": "a17c9f34-7d7a-42ae-b09a-f0c71bad70d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22860", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7008", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22860\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244100.\n\ud83d\udccf Published: 2023-02-27T14:23:44.782Z\n\ud83d\udccf Modified: 2025-03-10T13:48:36.149Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/6958062\n2. https://exchange.xforce.ibmcloud.com/vulnerabilities/244100", "creation_timestamp": "2025-03-10T14:38:53.000000Z"} {"uuid": "a17c9f34-7d7a-42ae-b09a-f0c71bad70d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22860", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7008", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22860\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244100.\n\ud83d\udccf Published: 2023-02-27T14:23:44.782Z\n\ud83d\udccf Modified: 2025-03-10T13:48:36.149Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/6958062\n2. https://exchange.xforce.ibmcloud.com/vulnerabilities/244100", "creation_timestamp": "2025-03-10T14:38:53.000000Z"} https://vulnerability.circl.lu/sighting/a17c9f34-7d7a-42ae-b09a-f0c71bad70d9/export Mon, 10 Mar 2025 14:38:53 +0000 https://vulnerability.circl.lu/sighting/109198a0-3132-47c9-9e11-c3ecf027519f/export {"uuid": "109198a0-3132-47c9-9e11-c3ecf027519f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22868", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7384", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22868\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: IBM Aspera Faspex 4.4.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244117.\n\ud83d\udccf Published: 2023-02-17T16:01:36.702Z\n\ud83d\udccf Modified: 2025-03-12T20:08:02.937Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/6952319\n2. https://exchange.xforce.ibmcloud.com/vulnerabilities/244117", "creation_timestamp": "2025-03-12T20:42:50.000000Z"} {"uuid": "109198a0-3132-47c9-9e11-c3ecf027519f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22868", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7384", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22868\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: IBM Aspera Faspex 4.4.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244117.\n\ud83d\udccf Published: 2023-02-17T16:01:36.702Z\n\ud83d\udccf Modified: 2025-03-12T20:08:02.937Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/6952319\n2. https://exchange.xforce.ibmcloud.com/vulnerabilities/244117", "creation_timestamp": "2025-03-12T20:42:50.000000Z"} https://vulnerability.circl.lu/sighting/109198a0-3132-47c9-9e11-c3ecf027519f/export Wed, 12 Mar 2025 20:42:50 +0000