{"vulnerability": "CVE-2021-26628", "sightings": [{"uuid": "be40954a-9ef3-47a4-8e65-33d00144218d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-26628", "type": "seen", "source": "https://t.me/cibsecurity/41447", "content": "\u203c CVE-2021-26628 \u203c\n\nInsufficient script validation of the admin page enables XSS, which causes unauthorized users to steal admin privileges. When uploading file in a specific menu, the verification of the files is insufficient. It allows remote attackers to upload arbitrary files disguising them as image files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-29T07:32:42.000000Z"}]}