{"vulnerability": "CVE-2021-41714", "sightings": [{"uuid": "4fdd89bd-dc29-40e8-b836-9ebc789e8714", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41714", "type": "seen", "source": "https://t.me/cibsecurity/43177", "content": "\u203c CVE-2021-41714 \u203c\n\nIn Tipask < 3.5.9, path parameters entered by the user are not validated when downloading attachments, a registered user can download arbitrary files on the Tipask server such as .env, /etc/passwd, laravel.log, causing infomation leakage.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-23T20:41:56.000000Z"}, {"uuid": "422198d8-88bf-42d1-a365-93d03425bf9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41714", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lo57i2a7js2e", "content": "", "creation_timestamp": "2025-05-01T21:03:05.368275Z"}]}