{"vulnerability": "cve-2021-3726", "sightings": [{"uuid": "e67ac46f-f4ef-4c2a-bc3a-debe4f0ea715", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-37262", "type": "seen", "source": "https://t.me/cibsecurity/34156", "content": "\u203c CVE-2021-37262 \u203c\n\nJFinal_cms 5.1.0 is vulnerable to regex injection that may lead to Denial of Service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-16T22:35:57.000000Z"}, {"uuid": "f2ab8f0a-ce22-4d7f-9e37-988bc5a5ce7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-3726", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/33079", "content": "\u203c CVE-2021-3726 \u203c\n\n# Vulnerability in `title` function **Description**: the `title` function defined in `lib/termsupport.zsh` uses `print` to set the terminal title to a user-supplied string. In Oh My Zsh, this function is always used securely, but custom user code could use the `title` function in a way that is unsafe. **Fixed in**: [a263cdac](https://github.com/ohmyzsh/ohmyzsh/commit/a263cdac). **Impacted areas**: - `title` function in `lib/termsupport.zsh`. - Custom user code using the `title` function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-30T12:34:12.000000Z"}, {"uuid": "61fcf4cb-08aa-44d5-bd45-ddf8d9ac86e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-37267", "type": "seen", "source": "https://t.me/cibsecurity/29595", "content": "\u203c CVE-2021-37267 \u203c\n\nCross Site Scripting (XSS) vulnerability exists in all versions of KindEditor, which can be exploited by an attacker to obtain user cookie information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-28T22:36:08.000000Z"}]}