{"vulnerability": "CVE-2022-2384", "sightings": [{"uuid": "21ff4b89-62a4-4d61-bacc-aaa1c61030b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2384", "type": "seen", "source": "https://t.me/cibsecurity/48136", "content": "\u203c CVE-2022-2384 \u203c\n\nThe Digital Publications by Supsystic WordPress plugin before 1.7.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-15T14:37:49.000000Z"}, {"uuid": "f57d9de8-13ec-4da5-b839-188c79f34543", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23849", "type": "seen", "source": "https://t.me/cibsecurity/38341", "content": "\u203c CVE-2022-23849 \u203c\n\nThe biometric lock in Devolutions Password Hub for iOS before 2021.3.4 allows attackers to access the application because of authentication bypass. An attacker must rapidly make failed biometric authentication attempts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-03T07:25:45.000000Z"}, {"uuid": "f1341af7-e7dc-40ca-ad48-dc1bd2815092", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23848", "type": "seen", "source": "https://t.me/cibsecurity/37851", "content": "\u203c CVE-2022-23848 \u203c\n\nIn Alluxio before 2.7.3, the logserver does not validate the input stream. NOTE: this is not the same as the CVE-2021-44228 Log4j vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-20T22:40:38.000000Z"}]}