{"vulnerability": "CVE-2021-4385", "sightings": [{"uuid": "a7440582-9508-4033-a3a0-89120bb93d29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43850", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12946", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-43850\n\ud83d\udd25 CVSS Score: 6.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H)\n\ud83d\udd39 Description: Discourse is an open source platform for community discussion. In affected versions admins users can trigger a Denial of Service attack via the `/message-bus/_diagnostics` path. The impact of this vulnerability is greater on multisite Discourse instances (where multiple forums are served from a single application server) where any admin user on any of the forums are able to visit the `/message-bus/_diagnostics` path. The problem has been patched. Please upgrade to 2.8.0.beta10 or 2.7.12. No workarounds for this issue exist.\n\ud83d\udccf Published: 2022-01-04T19:35:11.000Z\n\ud83d\udccf Modified: 2025-04-22T18:34:44.857Z\n\ud83d\udd17 References:\n1. https://github.com/discourse/discourse/security/advisories/GHSA-59jr-pj65-qmvr\n2. https://github.com/discourse/discourse/commit/7a8ec129fb54f188b2da6588c9d24d3a36eb0d39", "creation_timestamp": "2025-04-22T19:03:41.000000Z"}, {"uuid": "bacebb72-6204-48ea-ae55-1d0bacd49164", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43857", "type": "published-proof-of-concept", "source": "Telegram/byte1I7sgwO5JuboocTNb525Q7iiStsNN-_P5WEzu9fNZ-Q", "content": "", "creation_timestamp": "2025-04-25T05:00:07.000000Z"}, {"uuid": "c3a4fd8d-3a38-427d-8c9a-acd401eda7b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43857", "type": "seen", "source": "https://t.me/cibsecurity/34684", "content": "\u203c CVE-2021-43857 \u203c\n\nGerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-27T22:23:09.000000Z"}, {"uuid": "88a28705-d596-47da-b5eb-eafd895a157b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43853", "type": "seen", "source": "https://t.me/cibsecurity/34546", "content": "\u203c CVE-2021-43853 \u203c\n\nAjax.NET Professional (AjaxPro) is an AJAX framework available for Microsoft ASP.NET. Affected versions of this package are vulnerable to JavaScript object injection which may result in cross site scripting when leveraged by a malicious user. The affected core relates to JavaScript object creation when parsing json input. Releases before version 21.12.22.1 are affected. A workaround exists that replaces one of the core JavaScript files embedded in the library. See the GHSA-5q7q-qqw2-hjq7 for workaround details.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-23T00:18:30.000000Z"}, {"uuid": "94b35926-cac2-45ae-bc18-a63fa8122a8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43851", "type": "seen", "source": "https://t.me/cibsecurity/34483", "content": "\u203c CVE-2021-43851 \u203c\n\nAnuko Time Tracker is an open source, web-based time tracking application written in PHP. SQL injection vulnerability exist in multiple files in Time Tracker version 1.19.33.5606 and prior due to not properly checking of the \"group\" and \"status\" parameters in POST requests. Group parameter is posted along when navigating between organizational subgroups (groups.php file). Status parameter is used in multiple files to change a status of an entity such as making a project, task, or user inactive. This issue has been patched in version 1.19.33.5607. An upgrade is highly recommended. If an upgrade is not practical, introduce ttValidStatus function as in the latest version and start using it user input check blocks wherever status field is used. For groups.php fix, introduce ttValidInteger function as in the latest version and use it in the access check block in the file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-22T02:17:24.000000Z"}, {"uuid": "31ac20cb-e280-4d37-abdf-5ebf85fdac18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43857", "type": "published-proof-of-concept", "source": "Telegram/ujDzFFrET3ZH5xQdQMIqDWCAd6Ask0YbS48UdaKK1nCHgf0", "content": "", "creation_timestamp": "2025-07-29T21:00:04.000000Z"}, {"uuid": "33c8d64b-d722-4b2e-bee8-dc1128a85a3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43859", "type": "seen", "source": "https://t.me/arpsyndicate/3229", "content": "#ExploitObserverAlert\n\nCVE-2021-43859\n\nDESCRIPTION: Exploit Observer has 11 entries in 5 file formats related to CVE-2021-43859. XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. XStream 1.4.19 monitors and accumulates the time it takes to add elements to collections and throws an exception if a set threshold is exceeded. Users are advised to upgrade as soon as possible. Users unable to upgrade may set the NO_REFERENCE mode to prevent recursion. See GHSA-rmr5-cpv2-vgjf for further details on a workaround if an upgrade is not possible.\n\nFIRST-EPSS: 0.012320000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2024-01-28T06:16:41.000000Z"}, {"uuid": "1289f181-30e9-448d-8c4c-292e90774b54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43859", "type": "seen", "source": "https://t.me/cibsecurity/37055", "content": "\u203c CVE-2022-0538 \u203c\n\nJenkins 2.333 and earlier, LTS 2.319.2 and earlier defines custom XStream converters that have not been updated to apply the protections for the vulnerability CVE-2021-43859 and allow unconstrained resource usage.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-09T16:12:50.000000Z"}, {"uuid": "f5a2e387-4286-4f49-9949-eaadcc31986d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43855", "type": "seen", "source": "https://t.me/cibsecurity/34679", "content": "\u203c CVE-2021-43855 \u203c\n\nWiki.js is a wiki app built on node.js. Wiki.js 2.5.263 and earlier is vulnerable to stored cross-site scripting through a SVG file upload made via a custom request with a fake MIME type. By creating a crafted SVG file, a malicious Wiki.js user may stage a stored cross-site scripting attack. This allows the attacker to execute malicious JavaScript when the SVG is viewed directly by other users. Scripts do not execute when loaded inside a page via normal `` tags. The malicious SVG can only be uploaded by crafting a custom request to the server with a fake MIME type. A patch in version 2.5.264 fixes this vulnerability by adding an additional file extension verification check to the optional (enabled by default) SVG sanitization step to all file uploads that match the SVG mime type. As a workaround, disable file upload for all non-trusted users.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-27T20:23:41.000000Z"}, {"uuid": "aadaa44b-7f22-4f77-850d-93bb7259b1f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43852", "type": "seen", "source": "https://t.me/cibsecurity/34957", "content": "\u203c CVE-2021-43852 \u203c\n\nOroPlatform is a PHP Business Application Platform. In affected versions by sending a specially crafted request, an attacker could inject properties into existing JavaScript language construct prototypes, such as objects. Later this injection may lead to JS code execution by libraries that are vulnerable to Prototype Pollution. This issue has been patched in version 4.2.8. Users unable to upgrade may configure a firewall to drop requests containing next strings: `__proto__` , `constructor[prototype]`, and `constructor.prototype` to mitigate this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-04T22:38:33.000000Z"}, {"uuid": "3b05246c-a3dc-4ced-88f2-d69fdd6dcedf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43850", "type": "seen", "source": "https://t.me/cibsecurity/34953", "content": "\u203c CVE-2021-43850 \u203c\n\nDiscourse is an open source platform for community discussion. In affected versions admins users can trigger a Denial of Service attack via the `/message-bus/_diagnostics` path. The impact of this vulnerability is greater on multisite Discourse instances (where multiple forums are served from a single application server) where any admin user on any of the forums are able to visit the `/message-bus/_diagnostics` path. The problem has been patched. Please upgrade to 2.8.0.beta10 or 2.7.12. No workarounds for this issue exist.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-04T22:38:25.000000Z"}, {"uuid": "7955d96e-576e-4f50-98f5-42ff1d802dac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43854", "type": "seen", "source": "https://t.me/cibsecurity/34573", "content": "\u203c CVE-2021-43854 \u203c\n\nNLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Versions prior to 3.6.5 are vulnerable to regular expression denial of service (ReDoS) attacks. The vulnerability is present in PunktSentenceTokenizer, sent_tokenize and word_tokenize. Any users of this class, or these two functions, are vulnerable to the ReDoS attack. In short, a specifically crafted long input to any of these vulnerable functions will cause them to take a significant amount of execution time. If your program relies on any of the vulnerable functions for tokenizing unpredictable user input, then we would strongly recommend upgrading to a version of NLTK without the vulnerability. For users unable to upgrade the execution time can be bounded by limiting the maximum length of an input to any of the vulnerable functions. Our recommendation is to implement such a limit.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-23T20:21:12.000000Z"}, {"uuid": "221c640c-523d-4a79-b62f-634d204c99b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43856", "type": "seen", "source": "https://t.me/cibsecurity/34680", "content": "\u203c CVE-2021-43856 \u203c\n\nWiki.js is a wiki app built on Node.js. Wiki.js 2.5.263 and earlier is vulnerable to stored cross-site scripting through non-image file uploads for file types that can be viewed directly inline in the browser. By creating a malicious file which can execute inline JS when viewed in the browser (e.g. XML files), a malicious Wiki.js user may stage a stored cross-site scripting attack. This allows the attacker to execute malicious JavaScript when the file is viewed directly by other users. The file must be opened directly by the user and will not trigger directly in a normal Wiki.js page. A patch in version 2.5.264 fixes this vulnerability by adding an optional (enabled by default) force download flag to all non-image file types, preventing the file from being viewed inline in the browser. As a workaround, disable file upload for all non-trusted users. --- Thanks to @Haxatron for reporting this vulnerability. Initially reported via https://huntr.dev/bounties/266bff09-00d9-43ca-a4bb-bb540642811f/\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-27T20:23:43.000000Z"}, {"uuid": "853fe9be-5218-4ffd-ab0a-9a8f701c0ba8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43854", "type": "seen", "source": "https://bsky.app/profile/clayton256.bsky.social/post/3ll43cikdp625", "content": "", "creation_timestamp": "2025-03-24T06:00:07.692161Z"}]}