{"vulnerability": "CVE-2022-2456", "sightings": [{"uuid": "8d82310f-1025-498e-89a9-e915fca24367", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24563", "type": "seen", "source": "https://t.me/cibsecurity/38343", "content": "\u203c CVE-2022-24563 \u203c\n\nIn Genixcms v1.1.11, a stored Cross-Site Scripting (XSS) vulnerability exists in /gxadmin/index.php?page=themes&amp;view=options\" via the intro_title and intro_image parameters.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-03T07:25:47.000000Z"}, {"uuid": "62506fc9-740f-4088-87ba-aae53b892ad4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24566", "type": "seen", "source": "https://t.me/cibsecurity/38001", "content": "\u203c CVE-2022-24566 \u203c\n\nIn Checkmk &lt;=2.0.0p19 fixed in 2.0.0p20 and Checkmk &lt;=1.6.0p27 fixed in 1.6.0p28, the title of a Predefined condition is not properly escaped when shown as condition, which can result in Cross Site Scripting (XSS).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-24T18:14:55.000000Z"}, {"uuid": "ddbcc5c4-3f7d-4e21-b0da-5713b59b56e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24564", "type": "seen", "source": "https://t.me/cibsecurity/37879", "content": "\u203c CVE-2022-24564 \u203c\n\nCheckmk &lt;=2.0.0p19 contains a Cross Site Scripting (XSS) vulnerability. While creating or editing a user attribute, the Help Text is subject to HTML injection, which can be triggered for editing a user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-22T02:11:39.000000Z"}, {"uuid": "f3be0afc-bade-43e2-9e4c-60fc7f050579", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24568", "type": "seen", "source": "https://t.me/cibsecurity/37257", "content": "\u203c CVE-2022-24568 \u203c\n\nNovel-plus v3.6.0 was discovered to be vulnerable to Server-Side Request Forgery (SSRF) via user-supplied crafted input.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-10T22:14:12.000000Z"}]}