{"vulnerability": "CVE-2021-4311", "sightings": [{"uuid": "587a866e-bd6a-4c34-b244-d85458f07841", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2021-43113", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875", "content": "", "creation_timestamp": "2026-01-21T21:18:16.771453Z"}, {"uuid": "0bbc6dc5-6556-4c52-a326-4c6e3597a207", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43110", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3lsw35ott6i2r", "content": "", "creation_timestamp": "2025-07-01T16:03:01.228593Z"}, {"uuid": "96b63257-2694-4e37-93a4-b50e066ae802", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4311", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11153", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-4311\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: A vulnerability classified as problematic was found in Talend Open Studio for MDM. This vulnerability affects unknown code of the component XML Handler. The manipulation leads to xml external entity reference. The patch is identified as 31d442b9fb1d518128fd18f6e4d54e06c3d67793. It is recommended to apply a patch to fix this issue. VDB-217666 is the identifier assigned to this vulnerability.\n\ud83d\udccf Published: 2023-01-09T11:20:22.017Z\n\ud83d\udccf Modified: 2025-04-09T19:25:57.677Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.217666\n2. https://vuldb.com/?ctiid.217666\n3. https://github.com/Talend/tmdm-server-se/pull/1420\n4. https://github.com/Talend/tmdm-server-se/commit/31d442b9fb1d518128fd18f6e4d54e06c3d67793", "creation_timestamp": "2025-04-09T19:48:29.000000Z"}, {"uuid": "d1852dd9-44b5-4897-8163-e461ef591ee0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43110", "type": "seen", "source": "https://t.me/cibsecurity/39773", "content": "\u203c CVE-2021-43110 \u203c\n\nAn Access Conrol vulnerability exists in PuneethReddyHC online-shopping-system as of 11/01/2021 in add_products.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-29T22:11:29.000000Z"}, {"uuid": "a8bab8d5-5cbf-4d38-9860-5a341e8362eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43114", "type": "seen", "source": "https://t.me/cibsecurity/32056", "content": "\u203c CVE-2021-43114 \u203c\n\nFORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. This will lead to RTR clients such as BGP routers to lose access to the RPKI VRP data set, effectively disabling Route Origin Validation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-09T16:35:01.000000Z"}, {"uuid": "21b07576-2ad3-455b-9b89-a2d722477203", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4311", "type": "seen", "source": "https://t.me/cibsecurity/56145", "content": "\u203c CVE-2021-4311 \u203c\n\nA vulnerability classified as problematic was found in Talend Open Studio for MDM. This vulnerability affects unknown code of the component XML Handler. The manipulation leads to xml external entity reference. The name of the patch is 31d442b9fb1d518128fd18f6e4d54e06c3d67793. It is recommended to apply a patch to fix this issue. VDB-217666 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-09T14:27:29.000000Z"}, {"uuid": "87c45dba-f656-4977-9b90-d5a71e7f31c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43116", "type": "seen", "source": "https://t.me/cibsecurity/45598", "content": "\u203c CVE-2021-43116 \u203c\n\nAn Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture packets and then change the returned package, which lets a malicious user login.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-05T18:13:27.000000Z"}, {"uuid": "c0ab58b9-ca1e-42fd-89d2-4f3b28567153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43118", "type": "seen", "source": "https://t.me/cibsecurity/39777", "content": "\u203c CVE-2021-43118 \u203c\n\nA Remote Command Injection vulnerability exists in DrayTek Vigor 2960 1.5.1.3, DrayTek Vigor 3900 1.5.1.3, and DrayTek Vigor 300B 1.5.1.3 via a crafted HTTP message containing malformed QUERY STRING in mainfunction.cgi, which could let a remote malicious user execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-30T00:11:33.000000Z"}, {"uuid": "dbd9a7c7-768c-4b85-a5db-552972e444ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43117", "type": "seen", "source": "https://t.me/cibsecurity/33807", "content": "\u203c CVE-2021-43117 \u203c\n\nfastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-13T14:24:00.000000Z"}]}