{"vulnerability": "CVE-2021-3424", "sightings": [{"uuid": "793a1679-940f-43a1-93ee-1c479e03376a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3424", "type": "seen", "source": "https://t.me/arpsyndicate/3176", "content": "#ExploitObserverAlert\n\nCVE-2021-3424\n\nDESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2021-3424. A flaw was found in keycloak as shipped in Red Hat Single Sign-On 7.4 where IDN homograph attacks are possible. A malicious user can register himself with a name already registered and trick admin to grant him extra privileges.\n\nFIRST-EPSS: 0.000720000\nNVD-IS: 1.4\nNVD-ES: 3.9", "creation_timestamp": "2024-01-28T03:04:22.000000Z"}, {"uuid": "d7854884-8aad-4f04-9311-074da5b2f6ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34248", "type": "seen", "source": "https://t.me/cibsecurity/58893", "content": "\u203c CVE-2021-34248 \u203c\n\nSQL injection vulnerability in sourcecodester mobile-shop-system-php-mysql 1.0 allows remote attackers to log in via crafterdstring in the email field of the log in page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-25T00:19:33.000000Z"}, {"uuid": "af7bd200-8a4d-4114-8765-1bb7c12492e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34249", "type": "seen", "source": "https://t.me/cibsecurity/58896", "content": "\u203c CVE-2021-34249 \u203c\n\nSQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id paremeter in application URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-27T07:36:34.000000Z"}, {"uuid": "305109a4-6983-41ee-892e-180b4c873959", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34243", "type": "seen", "source": "https://t.me/cibsecurity/25607", "content": "\u203c CVE-2021-34243 \u203c\n\nA stored cross site scripting (XSS) vulnerability was discovered in Ice Hrm 29.0.0.OS which allows attackers to execute arbitrary web scripts or HTML via a crafted file uploaded into the Document Management tab. The exploit is triggered when a user visits the upload location of the crafted file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-22T18:16:20.000000Z"}]}