{"vulnerability": "CVE-2022-2489", "sightings": [{"uuid": "bb57fccf-95a9-4452-8b37-817178c1ed1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24897", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwwto2zh5e25", "content": "", "creation_timestamp": "2025-08-21T21:02:35.039784Z"}, {"uuid": "caa384ac-0a44-4219-a4c9-a37294ed689f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24897", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12915", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24897\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: APIs to evaluate content with Velocity is a package for APIs to evaluate content with Velocity. Starting with version 2.3 and prior to 12.6.7, 12.10.3, and 13.0, the velocity scripts are not properly sandboxed against using the Java File API to perform read or write operations on the filesystem. Writing an attacking script in Velocity requires the Script rights in XWiki so not all users can use it, and it also requires finding an XWiki API which returns a File. The problem has been patched in versions 12.6.7, 12.10.3, and 13.0. There is no easy workaround for fixing this vulnerability other than upgrading and being careful when giving Script rights.\n\ud83d\udccf Published: 2022-05-02T21:49:17.000Z\n\ud83d\udccf Modified: 2025-04-22T18:02:07.004Z\n\ud83d\udd17 References:\n1. https://github.com/xwiki/xwiki-commons/security/advisories/GHSA-cvx5-m8vg-vxgc\n2. https://github.com/xwiki/xwiki-commons/pull/127\n3. https://github.com/xwiki/xwiki-commons/commit/215951cfb0f808d0bf5b1097c9e7d1e503449ab8\n4. 
https://jira.xwiki.org/browse/XWIKI-5168", "creation_timestamp": "2025-04-22T18:03:27.000000Z"}, {"uuid": "78a43814-7cd7-43bf-910e-bc048e1a2e65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24897", "type": "seen", "source": "https://t.me/cibsecurity/41789", "content": "\u203c CVE-2022-24897 \u203c\n\nAPIs to evaluate content with Velocity is a package for APIs to evaluate content with Velocity. Starting with version 2.3 and prior to 12.6.7, 12.10.3, and 13.0, the velocity scripts are not properly sandboxed against using the Java File API to perform read or write operations on the filesystem. Writing an attacking script in Velocity requires the Script rights in XWiki so not all users can use it, and it also requires finding an XWiki API which returns a File. The problem has been patched in versions 12.6.7, 12.10.3, and 13.0. There is no easy workaround for fixing this vulnerability other than upgrading and being careful when giving Script rights.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-21T06:42:43.000000Z"}, {"uuid": "cb8c9d88-0ca6-4132-a975-495dc15cc34e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24898", "type": "seen", "source": "https://t.me/cibsecurity/41610", "content": "\u203c CVE-2022-24898 \u203c\n\norg.xwiki.commons:xwiki-commons-xml is a common module used by other XWiki top level projects. Starting in version 2.7 and prior to versions 12.10.10, 13.4.4, and 13.8-rc-1, it is possible for a script to access any file accessing to the user running XWiki application server with XML External Entity Injection through the XML script service. The problem has been patched in versions 12.10.10, 13.4.4, and 13.8-rc-1. 
There is no easy workaround for fixing this vulnerability other than upgrading and being careful when giving Script rights.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-29T00:29:23.000000Z"}, {"uuid": "6172034c-053f-4ff6-a317-d24ee3d97638", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24890", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12919", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24890\n\ud83d\udd25 CVSS Score: 2.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Nextcloud Talk is a video and audio conferencing app for Nextcloud. In versions prior to 13.0.5 and 14.0.0, a call moderator can indirectly enable user webcams by granting permissions, if they were enabled before removing the permissions. A patch is available in versions 13.0.5 and 14.0.0. There are currently no known workarounds.\n\ud83d\udccf Published: 2022-05-17T19:00:15.000Z\n\ud83d\udccf Modified: 2025-04-22T18:01:26.535Z\n\ud83d\udd17 References:\n1. https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vxpr-hcqq-7fw7\n2. https://github.com/nextcloud/spreed/issues/7048\n3. https://github.com/nextcloud/spreed/pull/7034\n4. https://github.com/nextcloud/spreed/pull/7092", "creation_timestamp": "2025-04-22T18:03:30.000000Z"}, {"uuid": "60e7fcc2-0cdf-4dde-918a-351ebe94ac92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2489", "type": "seen", "source": "https://t.me/cibsecurity/46637", "content": "\u203c CVE-2022-2489 \u203c\n\nA vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. 
This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||(SELECT 0x6770715a WHERE 8795=8795 AND (SELECT 8342 FROM(SELECT COUNT(*),CONCAT(0x7171786b71,(SELECT (ELT(8342=8342,1))),0x717a7a7671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a))||' leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-20T16:19:55.000000Z"}, {"uuid": "128d4c72-3cb3-4ed0-8a21-616997ff7870", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24891", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwrspzm3kr2m", "content": "", "creation_timestamp": "2025-08-19T21:02:25.370975Z"}, {"uuid": "77cad28d-98df-47b1-b2fa-a635bafbfe53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24890", "type": "seen", "source": "https://t.me/cibsecurity/42851", "content": "\u203c CVE-2022-24890 \u203c\n\nNextcloud Talk is a video and audio conferencing app for Nextcloud. In versions prior to 13.0.5 and 14.0.0, a call moderator can indirectly enable user webcams by granting permissions, if they were enabled before removing the permissions. A patch is available in versions 13.0.5 and 14.0.0. 
There are currently no known workarounds.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-17T22:27:46.000000Z"}, {"uuid": "8d8ab174-6317-4606-ae45-7b0d24a51f4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24896", "type": "seen", "source": "https://t.me/cibsecurity/44078", "content": "\u203c CVE-2022-24896 \u203c\n\nTuleap is a Free & Open Source Suite to manage software developments and collaboration. In versions prior to 13.7.99.239 Tuleap does not properly verify authorizations when displaying the content of tracker report renderer and chart widgets. Malicious users could use this vulnerability to retrieve the name of a tracker they cannot access as well as the name of the fields used in reports.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-09T12:33:08.000000Z"}, {"uuid": "3be872fa-c35e-42bc-b43a-92d6570e7409", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24899", "type": "seen", "source": "https://t.me/cibsecurity/42084", "content": "\u203c CVE-2022-24899 \u203c\n\nContao is a powerful open source CMS that allows you to create professional websites and scalable web applications. In versions of Contao prior to 4.13.3 it is possible to inject code into the canonical tag. 
As a workaround users may disable canonical tags in the root page settings.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-06T07:22:11.000000Z"}, {"uuid": "847d3d77-e833-4c90-b11b-062922010d02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24892", "type": "seen", "source": "https://t.me/cibsecurity/41583", "content": "\u203c CVE-2022-24892 \u203c\n\nShopware is an open source e-commerce software platform. Starting with version 5.0.4 and before version 5.7.9, multiple tokens for password reset can be requested. All tokens can be used to change the password. This makes it possible for an attacker to take over the victim's account if they somehow gain access to the victims email account and find an unused password reset token in the emails. This issue is fixed in version 5.7.9.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T18:24:29.000000Z"}, {"uuid": "6df0ffbd-f046-4cf6-b030-1c4d9dc765f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24891", "type": "seen", "source": "https://t.me/cibsecurity/41539", "content": "\u203c CVE-2022-24891 \u203c\n\nESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, there is a potential for a cross-site scripting vulnerability in ESAPI caused by a incorrect regular expression for \"onsiteURL\" in the **antisamy-esapi.xml** configuration file that can cause \"javascript:\" URLs to fail to be correctly sanitized. This issue is patched in ESAPI 2.3.0.0. As a workaround, manually edit the **antisamy-esapi.xml** configuration files to change the \"onsiteURL\" regular expression. 
More information about remediation of the vulnerability, including the workaround, is available in the maintainers' release notes and security bulletin.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T00:13:25.000000Z"}]}