{"vulnerability": "CVE-2021-4411", "sightings": [{"uuid": "b706c308-fabf-4e07-8436-867287ee2333", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44117", "type": "seen", "source": "https://t.me/cibsecurity/44176", "content": "\u203c CVE-2021-44117 \u203c\n\nA Cross Site Request Forgery (CSRF) vulnerability exists in TheDayLightStudio Fuel CMS 1.5.0 via a POST call to /fuel/sitevariables/delete/4.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-10T16:40:43.000000Z"}, {"uuid": "e22beebd-c2ec-42e5-abe1-136806041799", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44118", "type": "seen", "source": "https://t.me/cibsecurity/36298", "content": "\u203c CVE-2021-44118 \u203c\n\nSPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerability. To exploit the vulnerability, a visitor must browse to a malicious SVG file. The vulnerability allows an authenticated attacker to inject malicious code running on the client side into web pages visited by other users (stored XSS).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-26T14:19:37.000000Z"}, {"uuid": "2b05a30d-490b-4ba1-99a0-6d34209d4502", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44114", "type": "seen", "source": "https://t.me/cibsecurity/36597", "content": "\u203c CVE-2021-44114 \u203c\n\nCross Site Scripting (XSS) vulnerability exists in Sourcecodester Stock Management System in PHP/OOP 1.0, which allows remote malicious users to execute arbitrary remote code execution via create user function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-31T20:25:30.000000Z"}]}