{"vulnerability": "CVE-2021-3530", "sightings": [{"uuid": "65e29d67-5b81-42ad-aadc-0c3bfffdc68e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35300", "type": "seen", "source": "https://t.me/cibsecurity/25769", "content": "\u203c CVE-2021-35300 \u203c\n\nText injection/Content Spoofing in 404 page in Zammad 1.0.x up to 4.0.0 could allow remote attackers to manipulate users into visiting the attackers' page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-29T00:28:08.000000Z"}, {"uuid": "08944749-c585-4fcf-86dd-159b13058f19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35309", "type": "seen", "source": "https://t.me/cibsecurity/68991", "content": "\u203c CVE-2021-35309 \u203c\n\nAn issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain escalated privileges via MITM attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-22T22:22:15.000000Z"}, {"uuid": "62515803-41d2-47fa-95e0-dec2061a8037", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35307", "type": "seen", "source": "https://t.me/cibsecurity/26906", "content": "\u203c CVE-2021-35307 \u203c\n\nAn issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the AP4_DescriptorFinder::Test component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-06T00:31:52.000000Z"}, {"uuid": "4ba8e7fb-5923-4b16-8502-2fa3d999c4cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35301", "type": "seen", "source": "https://t.me/cibsecurity/25767", "content": "\u203c CVE-2021-35301 \u203c\n\nIncorrect Access Control in Zammad 1.0.x up to 4.0.0 allows remote attackers to obtain sensitive information via the Ticket Article detail view.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-29T00:28:06.000000Z"}, {"uuid": "17fb0b7f-1560-4604-92a6-9592aa7cd5a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35303", "type": "seen", "source": "https://t.me/cibsecurity/25765", "content": "\u203c CVE-2021-35303 \u203c\n\nCross Site Scripting (XSS) in Zammad 1.0.x up to 4.0.0 allows remote attackers to execute arbitrary web script or HTML via the User Avatar attribute.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-29T00:28:02.000000Z"}]}