{"vulnerability": "CVE-2021-36538", "sightings": [{"uuid": "05f47f5d-6d1a-4723-bcc7-428a64953878", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-36538", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8878", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-36538\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Cross Site Scripting (XSS) vulnerability in Gurock TestRail before 7.1.2 allows remote authenticated attackers to run arbitrary code via the reference field in milestones or description fields in reports.\n\ud83d\udccf Published: 2023-02-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-26T16:20:39.444Z\n\ud83d\udd17 References:\n1. https://gist.github.com/miglen/b09498b4b9fe1be58973bd474af125ab", "creation_timestamp": "2025-03-26T16:25:08.000000Z"}, {"uuid": "62786b93-8654-41e3-aff2-8a7981f0deac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-36538", "type": "seen", "source": "https://t.me/cibsecurity/57495", "content": "\u203c CVE-2021-36538 \u203c\n\nCross Site Scripting (XSS) vulnerability in Gurock TestRail before 7.1.2 allows remote authenticated attackers to run arbitrary code via the reference field in milestones or description fields in reports.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-03T20:25:48.000000Z"}]}