https://vulnerability.circl.lu/sightings/feed 2026-06-09T04:22:42.738910+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/11634186-2026-43b4-840c-83ad1d0c856e/export 2026-06-09T04:22:43.087786+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "11634186-2026-43b4-840c-83ad1d0c856e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34685", "type": "seen", "source": "https://t.me/cibsecurity/31951", "content": "\u203c CVE-2021-34685 \u203c\n\nUploadService in Hitachi Vantara Pentaho Business Analytics through 9.1 does not properly verify uploaded user files, which allows an authenticated user to upload various files of different file types. Specifically, a .jsp file is not allowed, but a .jsp. file is allowed (and leads to remote code execution).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-08T07:28:38.000000Z"} 2021-11-08T07:28:38+00:00