{"vulnerability": "CVE-2021-3603", "sightings": [{"uuid": "a1dda0d5-59ed-4caf-b943-fa7345156c0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3603", "type": "seen", "source": "https://gist.github.com/CRCError111/c9826d1e721e62da3006bd274ab83b4b", "content": "", "creation_timestamp": "2026-01-25T08:02:56.000000Z"}, {"uuid": "6a2af7d2-9869-4374-80e5-1640138aaa3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36037", "type": "seen", "source": "https://t.me/cibsecurity/28185", "content": "\u203c CVE-2021-36037 \u203c\n\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper improper authorization vulnerability. An authenticated attacker could leverage this vulnerability to achieve sensitive information disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-01T18:41:15.000000Z"}, {"uuid": "70ba18ec-7c9d-4310-837c-fffdf62e0756", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36032", "type": "seen", "source": "https://t.me/cibsecurity/28154", "content": "\u203c CVE-2021-36032 \u203c\n\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the `V1/customers/me` endpoint to achieve information exposure and privilege escalation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-01T18:34:49.000000Z"}]}