{"vulnerability": "cve-2021-4431", "sightings": [{"uuid": "0ffc2a95-2dc1-451c-924d-297e985e67f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44310", "type": "seen", "source": "https://t.me/cibsecurity/39842", "content": "\u203c CVE-2021-44310 \u203c\n\nAn issue was discovered in Firmware Analysis and Comparison Tool v3.2. With administrator privileges, the attacker could perform stored XSS attacks by inserting JavaScript and HTML code in user creation functionality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-30T20:12:43.000000Z"}, {"uuid": "d1859fab-a6cb-4287-a88e-fb0dfba9e36f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44317", "type": "seen", "source": "https://t.me/cibsecurity/34165", "content": "\u203c CVE-2021-44317 \u203c\n\nIn Bus Pass Management System v1.0, parameters 'pagedes' and `About Us` are affected with a Stored Cross-site scripting vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-16T22:36:09.000000Z"}, {"uuid": "ba2931b0-b736-4548-add9-0d26d4b513e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44315", "type": "seen", "source": "https://t.me/cibsecurity/34164", "content": "\u203c CVE-2021-44315 \u203c\n\nIn Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive information of the user or server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-16T22:36:08.000000Z"}, {"uuid": "b26b4a0b-93f7-4ec0-a580-32b001ae29b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44312", "type": "seen", "source": "https://t.me/cibsecurity/39834", "content": "\u203c CVE-2021-44312 \u203c\n\nAn issue was discovered in Firmware Analysis and Comparison Tool v3.2. Logged in administrators could be targeted by a CSRF attack through visiting a crafted web page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-30T20:12:35.000000Z"}]}