{"vulnerability": "cve-2022-4032", "sightings": [{"uuid": "31fadcb4-1927-42ab-8986-6429ae66807c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40324", "type": "seen", "source": "https://t.me/cibsecurity/49571", "content": "\u203c CVE-2022-40324 \u203c\n\nSysAid Help Desk before 22.1.65 allows XSS via the Linked SRs field, aka FR# 67258.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-12T00:23:45.000000Z"}, {"uuid": "994f76e5-a2a4-478b-a511-1d45f97b90bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4032", "type": "seen", "source": "https://t.me/cibsecurity/53677", "content": "\u203c CVE-2022-4032 \u203c\n\nThe Quiz and Survey Master plugin for WordPress is vulnerable to iFrame Injection via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input sanitization and output escaping that allowed iframe tags to be injected. This makes it possible for unauthenticated attackers to inject iFrames in pages that will execute whenever a user accesses an injected page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-30T00:29:33.000000Z"}, {"uuid": "06c3abc7-70e1-48fb-bf85-84dfa9e766ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40320", "type": "seen", "source": "https://t.me/cibsecurity/49565", "content": "\u203c CVE-2022-40320 \u203c\n\ncfg_tilde_expand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-10T05:43:52.000000Z"}, {"uuid": "7dd14419-4447-4775-b55c-abcc84d92b92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40322", "type": "seen", "source": "https://t.me/cibsecurity/49570", "content": "\u203c CVE-2022-40322 \u203c\n\nSysAid Help Desk before 22.1.65 allows XSS, aka FR# 66542 and 65579.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-12T00:23:44.000000Z"}, {"uuid": "9e254865-2dcc-4d37-874f-426541d2443d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40323", "type": "seen", "source": "https://t.me/cibsecurity/49569", "content": "\u203c CVE-2022-40323 \u203c\n\nSysAid Help Desk before 22.1.65 allows XSS in the Password Services module, aka FR# 67241.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-12T00:23:43.000000Z"}, {"uuid": "28ae695d-7ec8-47a5-b843-5b4b67b90b7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40325", "type": "seen", "source": "https://t.me/cibsecurity/49568", "content": "\u203c CVE-2022-40325 \u203c\n\nSysAid Help Desk before 22.1.65 allows XSS via the Asset Dashboard, aka FR# 67262.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-12T00:23:41.000000Z"}]}