{"vulnerability": "CVE-2021-4269", "sightings": [{"uuid": "5253153b-5a4e-494d-b072-309cda115181", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4269", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11668", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-4269\n\ud83d\udd25 CVSS Score: 3.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: A vulnerability has been found in SimpleRisk and classified as problematic. This vulnerability affects the function checkAndSetValidation of the file simplerisk/js/common.js. The manipulation of the argument title leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 20220306-001 is able to address this issue. The name of the patch is 591405b4ed160fbefc1dca1e55c5745079a7bb48. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216472.\n\ud83d\udccf Published: 2022-12-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T17:29:39.357Z\n\ud83d\udd17 References:\n1. https://github.com/simplerisk/code/commit/591405b4ed160fbefc1dca1e55c5745079a7bb48\n2. https://github.com/simplerisk/code/releases/tag/20220306-001\n3. 
https://vuldb.com/?id.216472", "creation_timestamp": "2025-04-14T17:54:33.000000Z"}, {"uuid": "5db726da-c11d-4d78-aeea-858f65e1e074", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42694", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/793", "content": "GitHub monitoring alert!!!\n\nUpdated: CVE-2021\nDescription: Generate malicious files using recently published homoglyphic-attack (CVE-2021-42694)\nURL: https://github.com/js-on/CVE-2021-42694", "creation_timestamp": "2021-11-02T20:44:08.000000Z"}, {"uuid": "0982d0e2-9f14-4ff9-81c4-2d4073a6f6f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42694", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/389", "content": "Applications that reproduce #CVE-2021-22119\nhttps://github.com/mari6274/oauth-client-exploit\n\nGenerate malicious files using recently published homoglyphic-attack #CVE-2021-42694\nhttps://github.com/js-on/CVE-2021-42694\n\nmetasploit script #poc about #CVE-2021-36260\nhttps://github.com/TaroballzChen/CVE-2021-36260-metasploit", "creation_timestamp": "2021-11-03T17:55:14.000000Z"}, {"uuid": "8382cc67-95c6-4107-b8b9-94f988ce18b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42694", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/2278", "content": "Researchers from the University of Cambridge in the United Kingdom have disclosed the Trojan Source attack vector, discovered back on July 25, which makes it possible to introduce vulnerabilities into software source code in such a way that reviewers cannot detect them, posing a threat to popular software and supply chains.\n \nTrojan Source uses a simple technique that requires no compiler modification or other tricks, and affects C, C ++, C #, JavaScript, Java, Rust, Go and Python. The whole trick lies in using Unicode control characters to change the order of tokens in source code at the encoding level.\n \nAs it turned out, by using control characters embedded in comments and strings, an attacker can reorder source code so as to change its logic without changing how it looks, thereby creating a vulnerability that can later be exploited.\n \nTrojan Source is carried out in two scenarios: CVE-2021-42574 (or the bidirectional attack) and CVE-2021-42694 (the homoglyph attack).\n \nIn the first case, Unicode control characters for bidirectional text are used to set the direction in which content is displayed. For example, LRI and RLI. The bidirectional (Bidi) controls LRI and RLI are invisible characters, and they are not the only ones. With these instructions introduced, the compiler can compile code completely different from what a human sees.\n \nBy injecting Unicode Bidi override characters into comments and strings, an attacker can produce syntactically valid source code in most modern languages for which the display order of characters presents logic that differs from the real logic.\n \nThe second variant of the attack relies on homoglyphs, that is, different characters that have the same visual appearance but implement different functionality. The human eye will see both functions as identical, while the compiler distinguishes the Latin \u00abH\u00bb from the Cyrillic \u00abH\u00bb and treats the code as having two different functions, so the result is different.\n \nIt also turns out that Bidi characters are preserved through copy/paste in most browsers, editors and operating systems. Trojan Source practically works in code editors and web repositories (judge for yourself in the table below)\n \nFor their research, the academics received an average of 2,246 dollars in bug bounties. On GitHub they published PoCs that demonstrate how serious a threat the attack can be: all the more so because Trojan Source affects almost all computer languages and patches have not really been released yet, leaving almost two dozen software vendors vulnerable.", "creation_timestamp": "2021-11-02T15:50:04.000000Z"}, {"uuid": "a7096fab-0333-4068-944d-04936320d178", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4269", "type": "seen", "source": "https://t.me/cibsecurity/55074", "content": "\u203c CVE-2021-4269 \u203c\n\nA vulnerability has been found in SimpleRisk and classified as problematic. This vulnerability affects the function checkAndSetValidation of the file simplerisk/js/common.js. The manipulation of the argument title leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 20220306-001 is able to address this issue. The name of the patch is 591405b4ed160fbefc1dca1e55c5745079a7bb48. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216472.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-21T22:13:02.000000Z"}, {"uuid": "b8a9956e-40b6-4ae7-a6c7-c177008b744c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42698", "type": "seen", "source": "https://t.me/cibsecurity/31904", "content": "\u203c CVE-2021-42698 \u203c\n\nProject files are stored memory objects in the form of binary serialized data that can later be read and deserialized again to instantiate the original objects in memory. 
Malicious manipulation of these files may allow an attacker to corrupt memory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-05T19:26:46.000000Z"}, {"uuid": "0fea37cd-a090-4aa6-b923-d1c0342dba42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42692", "type": "seen", "source": "https://t.me/cibsecurity/43367", "content": "\u203c CVE-2021-42692 \u203c\n\nThere is a stack-overflow vulnerability in tinytoml v0.4 that can cause a crash or DoS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-26T14:13:59.000000Z"}, {"uuid": "fd4503a7-6e2b-482d-a973-d4fec3a23fbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42699", "type": "seen", "source": "https://t.me/cibsecurity/31902", "content": "\u203c CVE-2021-42699 \u203c\n\nThe affected product is vulnerable to cookie information being transmitted as cleartext over HTTP. 
An attacker can capture network traffic, obtain the user\u2019s cookie and take over the account.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-05T19:26:44.000000Z"}, {"uuid": "b41d0c83-ce4a-41e5-af4b-bf6735847343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42697", "type": "seen", "source": "https://t.me/cibsecurity/31672", "content": "\u203c CVE-2021-42697 \u203c\n\nAkka HTTP 10.1.x and 10.2.x before 10.2.7 can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a User-Agent header with deeply nested comments.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-03T01:23:11.000000Z"}, {"uuid": "a27f863d-9adc-4d10-9fee-874a3a96af3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42694", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4656", "content": "#Research\n\"Trojan Source: Invisible Vulnerabilities\", 2021.\n]-> PoC: https://github.com/nickboucher/trojan-source\n]-> https://trojansource.codes\n]-> PoC for CVE-2021-42694:\nhttps://github.com/js-on/CVE-2021-42694\n\n// A new type of attack in which source code is maliciously encoded so that it appears different to a compiler and to the human eye. This attack exploits subtleties in text-encoding standards (Unicode) to produce source code whose tokens are logically encoded in a different order from the one in which they are displayed, leading to vulnerabilities that cannot be perceived directly by human code reviewers...", "creation_timestamp": "2024-10-04T14:45:46.000000Z"}]}