{"vulnerability": "cve-2022-4457", "sightings": [{"uuid": "ab03b15a-9dab-445e-88f4-3ed756b7f11c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44578", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113645987638383204", "content": "", "creation_timestamp": "2024-12-13T14:29:14.258990Z"}, {"uuid": "6050b68c-d699-428c-9ea6-429765fafff5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44572", "type": "seen", "source": "Telegram/O6OhE1aymL4DX5SvrMok3-oZwM6LoabBSeKUfelXQ_AifIsE", "content": "", "creation_timestamp": "2025-02-14T10:08:10.000000Z"}, {"uuid": "52d99d34-8c4c-41e7-be8a-d18225189c73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44575", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12793", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44575\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A vulnerability has been identified in PLM Help Server V4.2 (All versions). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected application that could allow an attacker to execute malicious javascript code by tricking users into accessing a malicious link.\n\ud83d\udccf Published: 2022-12-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-22T03:25:24.922Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/pdf/ssa-274282.pdf", "creation_timestamp": "2025-04-22T04:03:17.000000Z"}, {"uuid": "29c4ddd4-af7c-4295-8f52-e45d7f5f105c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4457", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11048", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4457\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L)\n\ud83d\udd39 Description: Due to a misconfiguration in the manifest file of the WARP client for Android, it was possible to a perform a task hijacking attack. An attacker could create a malicious mobile application which could hijack legitimate app and steal potentially sensitive information when installed on the victim's device.\n\n\n\ud83d\udccf Published: 2023-01-11T16:32:28.382Z\n\ud83d\udccf Modified: 2025-04-09T13:43:50.264Z\n\ud83d\udd17 References:\n1. https://github.com/cloudflare/advisories/security/advisories/GHSA-35f7-fqrc-4hhj", "creation_timestamp": "2025-04-09T13:47:21.000000Z"}, {"uuid": "d5d0e86a-6489-49c8-8b4d-367eccf1b9fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44571", "type": "seen", "source": "Telegram/g1e4ge5b1YBoHhcu_y2c5BVoan6dMBrj4qBk_jZUyN-iLHGG", "content": "", "creation_timestamp": "2025-02-14T10:08:10.000000Z"}, {"uuid": "c964935e-7734-4c54-896a-bf63af18c897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44570", "type": "seen", "source": "Telegram/CV1B3rZr5khK25YAobIJ1q14lZYG4ckN0CAy1N-SVmCsv3a7", "content": "", "creation_timestamp": "2025-02-14T10:08:10.000000Z"}, {"uuid": "9ae53bc1-b673-4599-9c2f-f840ef1a47c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44574", "type": "seen", "source": "https://t.me/cibsecurity/59833", "content": "\u203c CVE-2022-44574 \u203c\n\nAn improper authentication vulnerability exists in Avalanche version 6.3.x and below allows unauthenticated attacker to modify properties on specific port.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-11T00:21:27.000000Z"}, {"uuid": "8091f389-4763-4091-9af4-3a1128384293", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4457", "type": "seen", "source": "https://t.me/cibsecurity/56358", "content": "\u203c CVE-2022-4457 \u203c\n\nDue to a misconfiguration in the manifest file of the WARP client for Android, it was possible to a perform a task hijacking attack. An attacker could create a malicious mobile application which could hijack legitimate app and steal potentially sensitive information when installed on the victim's device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-11T20:57:13.000000Z"}, {"uuid": "c69a44b2-ef8f-416f-8518-b6a365ed666d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44576", "type": "seen", "source": "https://t.me/cibsecurity/52493", "content": "\u203c CVE-2022-44576 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in AgentEasy Properties plugin <= 1.0.4 on WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-03T01:20:00.000000Z"}]}