{"vulnerability": "CVE-2021-31589", "sightings": [{"uuid": "323aeb5e-7142-4f88-8315-49e7a59b81f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31589", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-31589.yaml", "content": "", "creation_timestamp": "2023-04-27T09:58:59.000000Z"}, {"uuid": "76abc5ab-4c4d-49a4-974a-0a1a91ea6ee5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31589", "type": "seen", "source": "https://t.me/arpsyndicate/1602", "content": "#ExploitObserverAlert\n\nCVE-2021-31589\n\nDESCRIPTION: Exploit Observer has 14 entries related to CVE-2021-31589. A cross-site scripting (XSS) vulnerability has been reported and confirmed for BeyondTrust Secure Remote Access Base Software version 6.0.1 and older, which allows the injection of unauthenticated, specially-crafted web requests without proper sanitization.\n\nFIRST-EPSS: 0.002860000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2023-12-10T02:36:53.000000Z"}, {"uuid": "f54ae2a8-2c0d-4a30-bae9-34d511430a80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31589", "type": "seen", "source": "https://t.me/cibsecurity/34975", "content": "\u203c CVE-2021-31589 \u203c\n\nBeyondTrust Secure Remote Access Base Software through 6.0.1 allows an attacker to achieve full admin access to the appliance, by tricking the administrator into creating a new admin account through an XSS/CSRF attack involving a crafted request to the /appliance/users?action=edit endpoint. This cross-site-scripting (XSS) vulnerability occurs when it does not properly sanitize an unauthenticated crafted web request to the server\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-05T14:40:43.000000Z"}]}