{"vulnerability": "CVE-2018-1563", "sightings": [{"uuid": "98185127-44aa-441c-9f86-c61e28bd2c1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-1563", "type": "exploited", "source": "https://www.exploit-db.com/exploits/45190", "content": "", "creation_timestamp": "2018-08-13T00:00:00.000000Z"}, {"uuid": "f8aedb8f-4ab5-47e8-b767-72c6e1d879f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-15633", "type": "seen", "source": "https://t.me/cibsecurity/21165", "content": "\u203c CVE-2018-15633 \u203c\n\nCross-site scripting (XSS) issue in \"document\" module in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via crafted attachment filenames.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-22T20:53:12.000000Z"}, {"uuid": "419df7d1-4499-4c02-a9d7-2d53109fbe35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-15632", "type": "seen", "source": "https://t.me/cibsecurity/21174", "content": "\u203c CVE-2018-15632 \u203c\n\nImproper input validation in database creation logic in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to initialize an empty database on which they can connect with default credentials.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-22T20:53:21.000000Z"}, {"uuid": "424a1cde-0573-44e7-8eb2-2f70df88a8e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-15634", "type": "seen", "source": "https://t.me/cibsecurity/21173", "content": "\u203c CVE-2018-15634 \u203c\n\nCross-site scripting (XSS) issue in attachment management in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via a crafted link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-22T20:53:21.000000Z"}, {"uuid": "ba67b1ab-c87b-4a16-9000-d9d9757a289a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-15638", "type": "seen", "source": "https://t.me/cibsecurity/21177", "content": "\u203c CVE-2018-15638 \u203c\n\nCross-site scripting (XSS) issue in mail module in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via crafted channel names.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-22T20:53:28.000000Z"}]}