{"vulnerability": "cve-2022-3618", "sightings": [{"uuid": "5149823f-fa21-47cb-9c93-125be54a3b22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3618", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13866", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3618\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Spacer WordPress plugin before 3.0.7 does not sanitize and escapes some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup).\n\ud83d\udccf Published: 2022-11-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T16:27:54.453Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/2011dc7b-8e8c-4190-ab34-de288e14685b", "creation_timestamp": "2025-04-29T17:11:58.000000Z"}, {"uuid": "abe454ed-b3a0-43fb-ad41-2454ff7911d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36182", "type": "seen", "source": "https://t.me/cibsecurity/52150", "content": "\u203c CVE-2022-36182 \u203c\n\nHashicorp Boundary v0.8.0 is vulnerable to Clickjacking which allow for the interception of login credentials, re-direction of users to malicious sites, or causing users to perform malicious actions on the site.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-27T16:28:18.000000Z"}, {"uuid": "b8d79407-114a-422f-a6de-4af66280b430", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36182", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15380", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-36182\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Hashicorp Boundary v0.8.0 is vulnerable to Clickjacking which allow for the interception of login credentials, re-direction of users to malicious sites, or causing users to perform malicious actions on the site.\n\ud83d\udccf Published: 2022-10-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-07T17:56:09.000Z\n\ud83d\udd17 References:\n1. https://owasp.org/www-community/attacks/Clickjacking\n2. https://packetstormsecurity.com/files/168654/Hashicorp-Boundary-Clickjacking.html", "creation_timestamp": "2025-05-07T18:23:07.000000Z"}, {"uuid": "40887110-45e5-49fc-abda-21df0cf6a634", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36180", "type": "seen", "source": "https://t.me/cibsecurity/53314", "content": "\u203c CVE-2022-36180 \u203c\n\nFusiondirectory 1.3 is vulnerable to Cross Site Scripting (XSS) via /fusiondirectory/index.php?message=[injection], /fusiondirectory/index.php?message=invalidparameter&plug={Injection], /fusiondirectory/index.php?signout=1&message=[injection]&plug=106.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-22T07:13:04.000000Z"}, {"uuid": "7a52fbc0-73da-4622-b7ac-bf611352cfbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36186", "type": "seen", "source": "https://t.me/cibsecurity/48282", "content": "\u203c CVE-2022-36186 \u203c\n\nA Null Pointer dereference vulnerability exists in GPAC 2.1-DEV-revUNKNOWN-master via the function gf_filter_pid_set_property_full () at filter_core/filter_pid.c:5250,which causes a Denial of Service (DoS). This vulnerability was fixed in commit b43f9d1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-17T18:40:24.000000Z"}]}