{"vulnerability": "CVE-2021-41952", "sightings": [{"uuid": "28e841b9-6f0b-440a-b370-767348da748f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41952", "type": "seen", "source": "https://t.me/cibsecurity/38878", "content": "\u203c CVE-2021-41952 \u203c\n\nZenario CMS 9.0.54156 is vulnerable to Cross Site Scripting (XSS) via upload file to *.SVG. An attacker can send malicious files to victims and steals victim's cookie leads to account takeover. The person viewing the image of a contact can be victim of XSS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-14T17:18:34.000000Z"}]}