{"vulnerability": "cve-2021-2062", "sightings": [{"uuid": "3720d1f2-c2b3-4569-82c5-42f0ee844f33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20627", "type": "seen", "source": "https://t.me/cibsecurity/25069", "content": "\u203c CVE-2021-20627 \u203c\n\nCross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-18T06:36:46.000000Z"}, {"uuid": "cf73c2c8-e924-4715-b3ce-6b68b134468f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20625", "type": "seen", "source": "https://t.me/cibsecurity/25078", "content": "\u203c CVE-2021-20625 \u203c\n\nImproper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows an authenticated attacker to bypass access restriction and alter the data of Bulletin Board via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-18T06:43:24.000000Z"}, {"uuid": "a90eb3e4-3e6f-4495-a75c-aa6f8654b8f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20624", "type": "seen", "source": "https://t.me/cibsecurity/25077", "content": "\u203c CVE-2021-20624 \u203c\n\nImproper access control vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.4 allows an authenticated attacker to bypass access restriction and alter the data of Scheduler via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-18T06:36:56.000000Z"}, {"uuid": "119a6411-4442-455e-9b49-55090221c65f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20626", "type": "seen", "source": "https://t.me/cibsecurity/25073", "content": "\u203c CVE-2021-20626 \u203c\n\nImproper access control vulnerability in Workflow of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and alter the data of Workflow via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-18T06:36:50.000000Z"}, {"uuid": "97cdac78-a2de-4638-b2f3-f5f9b4b9d446", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20628", "type": "seen", "source": "https://t.me/cibsecurity/25072", "content": "\u203c CVE-2021-20628 \u203c\n\nCross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Note that this vulnerability occurs only when using Mozilla Firefox.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-18T06:36:49.000000Z"}, {"uuid": "5fb6724f-201a-4f9c-8aa4-b5dd3870f9dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20621", "type": "seen", "source": "https://t.me/cibsecurity/22779", "content": "\u203c CVE-2021-20621 \u203c\n\nCross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-28T14:38:24.000000Z"}, {"uuid": "98e55ac2-ef64-450c-b2b7-eb2d9c0818a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20622", "type": "seen", "source": "https://t.me/cibsecurity/22777", "content": "\u203c CVE-2021-20622 \u203c\n\nCross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-28T14:38:22.000000Z"}, {"uuid": "25a1b34a-cf20-47a0-a91f-c538ed23df6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20620", "type": "seen", "source": "https://t.me/cibsecurity/22776", "content": "\u203c CVE-2021-20620 \u203c\n\nCross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-28T14:38:21.000000Z"}, {"uuid": "a29a6cc6-18fc-4d40-8640-c31e2429af78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20629", "type": "seen", "source": "https://t.me/cibsecurity/25064", "content": "\u203c CVE-2021-20629 \u203c\n\nCross-site scripting vulnerability in E-mail of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-18T06:36:39.000000Z"}, {"uuid": "dd3fe2ad-b847-49ff-8d9d-05dc356b701e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20623", "type": "seen", "source": "https://t.me/cibsecurity/23161", "content": "\u203c CVE-2021-20623 \u203c\n\nVideo Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-05T16:35:31.000000Z"}]}