{"vulnerability": "CVE-2021-4194", "sightings": [{"uuid": "91b7689a-990d-40d3-a519-c23069b7aa5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41946", "type": "seen", "source": "https://t.me/cibsecurity/42886", "content": "\u203c CVE-2021-41946 \u203c\n\nIn FiberHome VDSL2 Modem HG150-Ub_V3.0, a stored cross-site scripting (XSS) vulnerability in Parental Control --> Access Time Restriction --> Username field, a user cannot delete the rule due to the XSS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-18T14:28:26.000000Z"}, {"uuid": "54b49951-180c-48ed-8ff0-7e4a96aafcc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41943", "type": "seen", "source": "https://t.me/arpsyndicate/847", "content": "#ExploitObserverAlert\n\nCVE-2021-41943\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2021-41943. Logrhythm Web Console 7.4.9 allows for HTML tag injection through Contextualize Action -> Create a new Contextualize Action -> Inject your HTML tag in the name field.\n\nFIRST-EPSS: 0.000500000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2023-12-01T08:53:23.000000Z"}, {"uuid": "4b5d587e-00b8-4095-89fb-a4453caf5b94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41943", "type": "seen", "source": "https://t.me/cibsecurity/54368", "content": "\u203c CVE-2021-41943 \u203c\n\nLogrhythm Web Console 7.4.9 allows for HTML tag injection through Contextualize Action -> Create a new Contextualize Action -> Inject your HTML tag in the name field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-13T02:21:11.000000Z"}, {"uuid": "a2085636-2f3e-4b3c-aa1d-65d16d5aa305", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41947", "type": "seen", "source": "https://t.me/cibsecurity/30237", "content": "\u203c CVE-2021-41947 \u203c\n\nA SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-08T16:40:06.000000Z"}, {"uuid": "40c38315-a179-4147-8ed9-3b7975bd94ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41948", "type": "seen", "source": "https://t.me/cibsecurity/41657", "content": "\u203c CVE-2021-41948 \u203c\n\nA cross-site scripting (XSS) vulnerability exists in the \"contact us\" plugin for Subrion CMS <= 4.2.1 version via \"List of subjects\".\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-29T18:24:29.000000Z"}, {"uuid": "e1abd78c-0e3e-4e83-b20a-5997c9a034f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41942", "type": "seen", "source": "https://t.me/cibsecurity/41632", "content": "\u203c CVE-2021-41942 \u203c\n\nThe Magic CMS MSVOD v10 video system has a SQL injection vulnerability. Attackers can use vulnerabilities to obtain sensitive information in the database.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-29T16:25:08.000000Z"}, {"uuid": "c77ecf7e-9fbc-4088-a397-d442c67c0776", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41945", "type": "seen", "source": "https://t.me/cibsecurity/41576", "content": "\u203c CVE-2021-41945 \u203c\n\nEncode OSS <=1.0.0.beta0 is affected by improper input validation in `httpx.URL`, `httpx.Client` and some functions using `httpx.URL.copy_with`.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T18:24:20.000000Z"}, {"uuid": "e72391ae-12e3-49da-97c3-c973560431a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4194", "type": "seen", "source": "https://t.me/cibsecurity/35075", "content": "\u203c CVE-2021-4194 \u203c\n\nbookstack is vulnerable to Improper Access Control\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-06T20:41:12.000000Z"}]}