{"vulnerability": "cve-2022-3207", "sightings": [{"uuid": "db0d9042-3eee-44a2-a96f-0c464c55945b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3207", "type": "seen", "source": "https://t.me/cibsecurity/51086", "content": "\u203c CVE-2022-3207 \u203c\n\nThe Simple File List WordPress plugin before 4.4.12 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-11T00:25:30.000000Z"}, {"uuid": "e6f2ea12-2296-4193-ba1c-70fdaf550606", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32073", "type": "seen", "source": "https://t.me/cibsecurity/46172", "content": "\u203c CVE-2022-32073 \u203c\n\nWolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSH_SFTP_RecvRMDIR.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-13T20:26:35.000000Z"}, {"uuid": "202dd312-ba1c-473e-b3f9-ccc6351f08f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32074", "type": "seen", "source": "https://t.me/cibsecurity/46171", "content": "\u203c CVE-2022-32074 \u203c\n\nA stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-13T20:26:34.000000Z"}]}