{"vulnerability": "cve-2021-3395", "sightings": [{"uuid": "c283cb4a-c048-4251-804f-657598eb184b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33950", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7967", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-33950\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue discovered in OpenKM v6.3.10 allows attackers to obtain sensitive information via the XMLTextExtractor function.\n\ud83d\udccf Published: 2023-02-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T18:32:19.377Z\n\ud83d\udd17 References:\n1. https://github.com/openkm/document-management-system/pull/288\n2. https://github.com/openkm/document-management-system/issues/287\n3. https://github.com/openkm/document-management-system/commit/ce1d82329615aea6aa9f2cc6508c1fe7891e34b5", "creation_timestamp": "2025-03-18T19:03:04.000000Z"}, {"uuid": "c0857f98-209f-4a40-88c2-fef6fad80ed5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33959", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10503", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-33959\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service.\n\ud83d\udccf Published: 2023-01-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-04T17:31:14.663Z\n\ud83d\udd17 References:\n1. https://www.freebuf.com/articles/web/260338.html\n2. https://github.com/lixiang957/CVE-2021-33959", "creation_timestamp": "2025-04-04T17:36:06.000000Z"}, {"uuid": "9a3eb74b-95c9-4ef8-af02-1d2fe22b9346", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33950", "type": "seen", "source": "https://t.me/cibsecurity/58471", "content": "\u203c CVE-2021-33950 \u203c\n\nAn issue discovered in OpenKM v6.3.10 allows attackers to obtain sensitive information via the XMLTextExtractor function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T20:19:28.000000Z"}, {"uuid": "1cddc1e8-c89c-4a46-bde5-23268b9a7003", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33959", "type": "seen", "source": "https://t.me/cibsecurity/56665", "content": "\u203c CVE-2021-33959 \u203c\n\nPlex media server 1.21 and before is vulnerable to ddos reflection attack via plex service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-18T16:21:02.000000Z"}, {"uuid": "668f8ac8-15bf-44f6-b04b-009ca24d2bf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3395", "type": "seen", "source": "https://t.me/cibsecurity/22981", "content": "\u203c CVE-2021-3395 \u203c\n\nA cross-site scripting (XSS) vulnerability in Pryaniki 6.44.3 allows remote authenticated users to upload an arbitrary file. The JavaScript code will execute when someone visits the attachment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-03T00:55:47.000000Z"}]}