{"vulnerability": "CVE-2021-4270", "sightings": [{"uuid": "74bcd071-de58-4e69-b027-4cc4e4c133f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4270", "type": "seen", "source": "https://t.me/cibsecurity/55087", "content": "\u203c CVE-2021-4270 \u203c\n\nA vulnerability was found in Imprint CMS. It has been classified as problematic. Affected is the function SearchForm of the file ImprintCMS/Models/ViewHelpers.cs. The manipulation of the argument query leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 6140b140ccd02b5e4e7d6ba013ac1225724487f4. It is recommended to apply a patch to fix this issue. VDB-216474 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-21T22:13:18.000000Z"}, {"uuid": "875bc01f-5eac-4ccc-a9ca-4ddd7776e392", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4270", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11669", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-4270\n\ud83d\udd25 CVSS Score: 3.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: A vulnerability was found in Imprint CMS. It has been classified as problematic. Affected is the function SearchForm of the file ImprintCMS/Models/ViewHelpers.cs. The manipulation of the argument query leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 6140b140ccd02b5e4e7d6ba013ac1225724487f4. It is recommended to apply a patch to fix this issue. VDB-216474 is the identifier assigned to this vulnerability.\n\ud83d\udccf Published: 2022-12-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T17:29:26.353Z\n\ud83d\udd17 References:\n1. https://github.com/peders/Imprint-CMS/commit/6140b140ccd02b5e4e7d6ba013ac1225724487f4\n2. https://vuldb.com/?id.216474", "creation_timestamp": "2025-04-14T17:54:34.000000Z"}, {"uuid": "dd496e8e-c925-4afd-9741-70ae0588608d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42704", "type": "seen", "source": "https://t.me/cibsecurity/42939", "content": "\u203c CVE-2021-42704 \u203c\n\nInkscape version 0.19 is vulnerable to an out-of-bounds write, which may allow an attacker to arbitrary execute code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-18T20:28:50.000000Z"}, {"uuid": "e3acda9e-182d-4f05-88b8-56dbc8959d17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42703", "type": "seen", "source": "https://t.me/cibsecurity/32504", "content": "\u203c CVE-2021-42703 (webaccess_hmi_designer) \u203c\n\nThis vulnerability could allow an attacker to send malicious Javascript code resulting in hijacking of the user\u00e2\u20ac\u2122s cookie/session tokens, redirecting the user to a malicious webpage, and performing unintended browser action.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-17T16:26:51.000000Z"}, {"uuid": "d010b34c-fd51-4890-b446-b4058d7008a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42706", "type": "seen", "source": "https://t.me/cibsecurity/32482", "content": "\u203c CVE-2021-42706 \u203c\n\nThis vulnerability could allow an attacker to disclose information and execute arbitrary code on affected installations of WebAccess/MHI Designer\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-17T16:20:54.000000Z"}, {"uuid": "f9ae8471-72ec-46a3-8984-47ea6a9d1dbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42707", "type": "seen", "source": "https://t.me/cibsecurity/32815", "content": "\u203c CVE-2021-42707 \u203c\n\nPLC Editor Versions 1.3.8 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-22T22:19:58.000000Z"}, {"uuid": "7ff22280-45b3-4c9b-a89e-1399fe74810a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42705", "type": "seen", "source": "https://t.me/cibsecurity/32816", "content": "\u203c CVE-2021-42705 \u203c\n\nPLC Editor Versions 1.3.8 and prior is vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-22T22:20:00.000000Z"}, {"uuid": "6cc1915c-9410-4449-adad-f1b1fd2439c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42701", "type": "seen", "source": "https://t.me/cibsecurity/31905", "content": "\u203c CVE-2021-42701 \u203c\n\nAn attacker could prepare a specially crafted project file that, if opened, would attempt to connect to the cloud and trigger a man in the middle (MiTM) attack. This could allow an attacker to obtain credentials and take over the user\u00e2\u20ac\u2122s cloud account.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-05T19:26:47.000000Z"}]}