{"vulnerability": "CVE-2021-26929", "sightings": [{"uuid": "23893038-c826-41e2-87fd-2e99d2b9f863", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26929", "type": "seen", "source": "MISP/0d1db1c1-c9b1-4ec2-8b8b-30e6fc132a61", "content": "", "creation_timestamp": "2024-11-14T06:08:50.000000Z"}, {"uuid": "3ded379e-340e-4bfd-8de7-47ab8cb17440", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26929", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/171", "content": "CVE-2021-26929 Webmail Edition 5.2.22 XSS&\u9060\u7a0b\u547d\u4ee4\u57f7\u884c\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-26929_Webmail_Edition_5.2.22_XSS%26%E9%81%A0%E7%A8%8B%E5%91%BD%E4%BB%A4%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-09-21T06:42:48.000000Z"}, {"uuid": "7722be74-d573-43e4-9d99-50a28f90db47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26929", "type": "seen", "source": "https://t.me/cibsecurity/23577", "content": "\u203c CVE-2021-26929 \u203c\n\nAn XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \\x00\\x00\\x00 and \\x01\\x01\\x01 interferes with XSS defenses.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-14T07:45:11.000000Z"}]}