{"vulnerability": "cve-2021-3904", "sightings": [{"uuid": "a52fb694-ff66-46fc-a6ba-ac89554a9130", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-39043", "type": "seen", "source": "https://t.me/cibsecurity/43072", "content": "\u203c CVE-2021-39043 \u203c\n\nIBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214032.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-20T20:30:49.000000Z"}, {"uuid": "9673c554-d255-4b96-b9bb-89d5552baa6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-39040", "type": "seen", "source": "https://t.me/cibsecurity/41401", "content": "\u203c CVE-2021-39040 \u203c\n\nIBM Planning Analytics Workspace 2.0 could be vulnerable to malicious file upload by not validating the file types or sizes. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID: 214025.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-25T20:36:30.000000Z"}, {"uuid": "51a23a8c-3753-4692-bd84-254a9fe981bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-39049", "type": "seen", "source": "https://t.me/cibsecurity/33877", "content": "\u203c CVE-2021-39049 \u203c\n\nIBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214439.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-13T22:12:13.000000Z"}, {"uuid": "fef209e6-f3e0-4bb5-a301-fb0e4e6a1697", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-39048", "type": "seen", "source": "https://t.me/cibsecurity/33875", "content": "\u203c CVE-2021-39048 \u203c\n\nIBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of service. IBM X-Force ID: 214438.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-13T22:12:11.000000Z"}, {"uuid": "5cb9c7da-72b7-4fd5-8ddc-8503d2117cfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-39045", "type": "seen", "source": "https://t.me/cibsecurity/49177", "content": "\u203c CVE-2021-39045 \u203c\n\nIBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a local attacker to obtain information due to the autocomplete feature on password input fields. IBM X-Force ID: 214345.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-01T22:38:17.000000Z"}, {"uuid": "c31b5546-b385-49ac-9f49-dc3cb80c3ebc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-39041", "type": "seen", "source": "https://t.me/cibsecurity/46077", "content": "\u203c CVE-2021-39041 \u203c\n\nIBM QRadar SIEM 7.3, 7.4, and 7.5 may be vulnerable to partial denial of service attack, resulting in some protocols not listening to specified ports. IBM X-Force ID: 214028.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-12T22:25:23.000000Z"}, {"uuid": "303f39b4-0915-4240-9665-55b70ea9fc85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-39047", "type": "seen", "source": "https://t.me/cibsecurity/45105", "content": "\u203c CVE-2021-39047 \u203c\n\nIBM Planning Analytics 2.0 and IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214349.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-24T20:31:09.000000Z"}, {"uuid": "77dbb47b-d97d-44f7-b166-0d1f66df7ee0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-39046", "type": "seen", "source": "https://t.me/cibsecurity/39209", "content": "\u203c CVE-2021-39046 \u203c\n\nIBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5 and 8.6 stores user credentials in plain clear text which can be read by a lprivileged user. IBM X-Force ID: 214346.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-18T19:22:39.000000Z"}, {"uuid": "660e7001-bbdd-45a1-96de-027d0b551896", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-39044", "type": "seen", "source": "https://t.me/cibsecurity/36700", "content": "\u203c CVE-2021-39044 \u203c\n\nIBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 214210.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-02T14:28:29.000000Z"}, {"uuid": "3e18498f-e984-4f84-8930-4a53be195840", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-3904", "type": "seen", "source": "https://t.me/cibsecurity/31339", "content": "\u203c CVE-2021-3904 \u203c\n\ngrav is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-28T02:16:26.000000Z"}]}