{"vulnerability": "cve-2021-3340", "sightings": [{"uuid": "ba4a2ace-9292-4437-ba1b-8afceefce6f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-3340", "type": "seen", "source": "https://t.me/cibsecurity/22932", "content": "\u203c CVE-2021-3340 \u203c\n\nA cross-site scripting (XSS) vulnerability in many forms of Wikindx before 5.7.0 and 6.x through 6.4.0 allows remote attackers to inject arbitrary web script or HTML via the message parameter to index.php?action=initLogon or modules/admin/DELETEIMAGES.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-02T01:25:17.000000Z"}, {"uuid": "ef34aaf7-5b41-4388-a22a-6fa0a85eed31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-33408", "type": "seen", "source": "https://t.me/arpsyndicate/556", "content": "#ExploitObserverAlert\n\nCVE-2021-33408\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-33408. Local File Inclusion vulnerability in Ab Initio Control>Center before 4.0.2.6 allows remote attackers to retrieve arbitrary files. Fixed in v4.0.2.6 and v4.0.3.1.\n\nFIRST-EPSS: 0.001430000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-11-25T01:00:35.000000Z"}]}