{"vulnerability": "CVE-2021-2076", "sightings": [{"uuid": "3aa11f98-1164-4539-993c-2c176754a786", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20765", "type": "seen", "source": "https://t.me/cibsecurity/27491", "content": "\u203c CVE-2021-20765 \u203c\n\nCross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to inject an arbitrary script via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-18T12:16:53.000000Z"}, {"uuid": "9ff3844c-4cd8-41ab-98f6-a3452529bb27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20764", "type": "seen", "source": "https://t.me/cibsecurity/27495", "content": "\u203c CVE-2021-20764 \u203c\n\nImproper input validation vulnerability in Attaching Files of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to alter the data of Attaching Files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-18T12:17:00.000000Z"}, {"uuid": "909f0e33-a0b3-48e6-a7af-77b3aaceb365", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20761", "type": "seen", "source": "https://t.me/cibsecurity/27493", "content": "\u203c CVE-2021-20761 \u203c\n\nImproper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker with an administrative privilege to alter the data of E-mail without the appropriate privilege.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-18T12:16:55.000000Z"}, {"uuid": "693d1541-75fe-4650-8daa-6a8135de7bd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20768", "type": "seen", "source": "https://t.me/cibsecurity/27487", "content": "\u203c CVE-2021-20768 \u203c\n\nOperational restrictions bypass vulnerability in Scheduler and MultiReport of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to delete the data of Scheduler and MultiReport without the appropriate privilege.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-18T12:16:48.000000Z"}, {"uuid": "d369ffab-3732-4abd-9be2-f9f6a11219c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20760", "type": "seen", "source": "https://t.me/cibsecurity/27483", "content": "\u203c CVE-2021-20760 \u203c\n\nImproper input validation vulnerability in User Profile of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of User Profile without the appropriate privilege.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-18T12:16:43.000000Z"}, {"uuid": "b5699607-078e-444d-b790-7052adc05433", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20769", "type": "seen", "source": "https://t.me/cibsecurity/27480", "content": "\u203c CVE-2021-20769 \u203c\n\nCross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-18T12:16:40.000000Z"}, {"uuid": "21eb3baa-2dba-4957-a46f-70018b58e503", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20763", "type": "seen", "source": "https://t.me/cibsecurity/27479", "content": "\u203c CVE-2021-20763 \u203c\n\nOperational restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the appropriate privilege.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-18T12:16:39.000000Z"}]}