CVEs and Exploits
CVE-2021-41349 Microsoft Exchange Server UnAuth XSS
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41349
CVE-2021-23015 Post-Auth RCE on F5 BIG-IP iControl REST API
https://support.f5.com/csp/article/K74151369
CVE-2021-28966 Path traversal in Ruby's Tempfile class on Windows
https://hackerone.com/reports/1131465
Reversed CVE-2021-22986 (F5 iControl REST API Auth Bypass + RCE)
https://github.com/projectdiscovery/nuclei-templates/blob/master/cves/2021/CVE-2021-22986.yaml
Reversed CVE-2020-15505 (MobileIron Pre-Auth RCE)
https://github.com/httpvoid/CVE-Reverse/tree/master/CVE-2020-15505
Reversed CVE-2020-5284 (Next.js Path Traversal)
CVE-2021-21307 (Lucee CMS Pre-Auth RCE)
An unauthenticated remote code execution (RCE) exploit chain was found in the Lucee Admin code.
https://dev.lucee.org/t/lucee-vulnerability-alert-november-2020/7643
https://github.com/lucee/Lucee/security/advisories/GHSA-2xvv-723c-8p7r
CVE-2020-11053 (OAuth-Proxy Open Redirect Bypass)
https://github.com/oauth2-proxy/oauth2-proxy/security/advisories/GHSA-j7px-6hwj-hpjg
CVE-2020-7011 (Elastic App Search Stored XSS)
Elastic App Search versions before 7.7.0 contain a cross-site scripting (XSS) flaw when displaying document URLs in the Reference UI. If the Reference UI injects a URL into a result, that URL will be rendered by the web browser. If an attacker is able to control the contents of such a field, they could execute arbitrary JavaScript in the victim's web browser.