{"vulnerability": "cve-2022-3986", "sightings": [{"uuid": "74adb606-d4f3-4e2d-b557-02f463d60839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3986", "type": "seen", "source": "https://t.me/cibsecurity/54868", "content": "\u203c CVE-2022-3986 \u203c\n\nThe WP Stripe Checkout WordPress plugin before 1.2.2.21 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T16:10:43.000000Z"}, {"uuid": "48eca1b5-e5d1-477d-b452-5e03ffbd0b1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39868", "type": "seen", "source": "https://t.me/cibsecurity/50987", "content": "\u203c CVE-2022-39868 \u203c\n\nImproper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T18:18:00.000000Z"}, {"uuid": "c8d94f92-29cc-4aa6-8c9c-613a0dc836b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39866", "type": "seen", "source": "https://t.me/cibsecurity/50984", "content": "\u203c CVE-2022-39866 \u203c\n\nImproper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T18:17:57.000000Z"}, {"uuid": "91dcb714-33ca-4b21-bcc6-0b4c4b1c2493", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39864", "type": "seen", "source": "https://t.me/cibsecurity/50981", "content": "\u203c CVE-2022-39864 \u203c\n\nImproper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitive information via implicit intent.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T18:17:54.000000Z"}, {"uuid": "417ab9d8-11d1-4f6f-89c0-9ea635c64329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39860", "type": "seen", "source": "https://t.me/cibsecurity/50977", "content": "\u203c CVE-2022-39860 \u203c\n\nImproper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to access sensitive information via implicit broadcast.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T18:17:48.000000Z"}, {"uuid": "2c8b6539-455a-4c85-a836-843c4804be89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39867", "type": "seen", "source": "https://t.me/cibsecurity/50974", "content": "\u203c CVE-2022-39867 \u203c\n\nImproper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T18:17:44.000000Z"}, {"uuid": "aaf999af-93f4-4778-bca5-d94b01aa3ccd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39863", "type": "seen", "source": "https://t.me/cibsecurity/50973", "content": "\u203c CVE-2022-39863 \u203c\n\nIntent redirection vulnerability in Samsung Account prior to version 13.5.01.3 allows attackers to access content providers without permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T18:17:43.000000Z"}]}