{"vulnerability": "CVE-2022-4196", "sightings": [{"uuid": "fbff2ecf-bcb0-47b8-928b-5cc65e557850", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41966", "type": "seen", "source": "https://t.me/arpsyndicate/3126", "content": "#ExploitObserverAlert\n\nCVE-2022-41966\n\nDESCRIPTION: Exploit Observer has 6 entries in 4 file formats related to CVE-2022-41966. XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation the processed input stream. The attack uses the hash code implementation for collections and maps to force recursive hash calculation causing a stack overflow. This issue is patched in version 1.4.20 which handles the stack overflow and raises an InputManipulationException instead. A potential workaround for users who only use HashMap or HashSet and whose XML refers these only as default map or set, is to change the default implementation of java.util.Map and java.util per the code example in the referenced advisory. However, this implies that your application does not care about the implementation of the map and all elements are comparable.\n\nFIRST-EPSS: 0.001590000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2024-01-28T00:09:43.000000Z"}, {"uuid": "ec76e166-2c91-42ae-b5d1-9613fc08b1a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41965", "type": "seen", "source": "https://t.me/cibsecurity/53605", "content": "\u203c CVE-2022-41965 \u203c\n\nOpencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 12.5, Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. The vulnerability allows attackers to redirect users to sites outside of one's Opencast install, potentially facilitating phishing attacks or other security issues. This issue is fixed in Opencast 12.5 and newer.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-29T00:28:21.000000Z"}, {"uuid": "c4f3069c-eb0d-4ffc-a566-a802979b6319", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41963", "type": "seen", "source": "https://t.me/cibsecurity/54661", "content": "\u203c CVE-2022-41963 \u203c\n\nBigBlueButton is an open source web conferencing system. Versions prior to 2.4.3 contain a whiteboard grace period that exists to handle delayed messages, but this grace period could be used by attackers to take actions in the few seconds after their access is revoked. The attacker must be a meeting participant. This issue is patched in version 2.4.3 an version 2.5-alpha-1\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T16:24:21.000000Z"}, {"uuid": "115bbad1-3576-4477-8702-8c3258e3d837", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41961", "type": "seen", "source": "https://t.me/cibsecurity/54660", "content": "\u203c CVE-2022-41961 \u203c\n\nBigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6 are subject to Ineffective user bans. The attacker could register multiple users, and join the meeting with one of them. When that user is banned, they could still join the meeting with the remaining registered users from the same extId. This issue has been fixed by improving permissions such that banning a user removes all users related to their extId, including registered users that have not joined the meeting. This issue is patched in versions 2.4-rc-6 and 2.5-alpha-1. There are no workarounds.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T16:24:20.000000Z"}, {"uuid": "eef36ec4-4ca1-48c0-bce6-04a32b09424c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4196", "type": "seen", "source": "https://t.me/cibsecurity/56192", "content": "\u203c CVE-2022-4196 \u203c\n\nThe Multi Step Form WordPress plugin before 1.7.8 does not sanitise and escape some of its form fields, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-10T02:28:04.000000Z"}, {"uuid": "a4318aa1-3fe9-4ff0-aa38-04af91f6c3d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41964", "type": "seen", "source": "https://t.me/cibsecurity/54769", "content": "\u203c CVE-2022-41964 \u203c\n\nBigBlueButton is an open source web conferencing system. This vulnerability only affects release candidates of BigBlueButton 2.4. The attacker can start a subscription for poll results before starting an anonymous poll, and use this subscription to see individual responses in the anonymous poll. The attacker had to be a meeting presenter. This issue is patched in version 2.4.0. There are no workarounds.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T20:24:39.000000Z"}, {"uuid": "b69db504-8254-4455-a6ef-0b2fef66168a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41967", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11646", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41967\n\ud83d\udd25 CVSS Score: 7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L)\n\ud83d\udd39 Description: Dragonfly is a Java runtime dependency management library. Dragonfly v0.3.0-SNAPSHOT does not configure DocumentBuilderFactory to prevent XML external entity (XXE) attacks. This issue is patched in 0.3.1-SNAPSHOT. As a workaround, since Dragonfly only parses XML `SNAPSHOT` versions are being resolved, this vulnerability may be avoided by not trying to resolve `SNAPSHOT` versions.\n\ud83d\udccf Published: 2022-12-27T23:45:00.786Z\n\ud83d\udccf Modified: 2025-04-14T16:23:21.201Z\n\ud83d\udd17 References:\n1. https://github.com/HyperaDev/Dragonfly/security/advisories/GHSA-6x3m-96qp-mmxv\n2. https://github.com/HyperaDev/Dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3", "creation_timestamp": "2025-04-14T16:53:39.000000Z"}, {"uuid": "5b752fd7-63fc-4722-a0e8-aa18ef1eb94d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41961", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12303", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41961\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: BigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6 are subject to Ineffective user bans. The attacker could register multiple users, and join the meeting with one of them. When that user is banned, they could still join the meeting with the remaining registered users from the same extId. This issue has been fixed by improving permissions such that banning a user removes all users related to their extId, including registered users that have not joined the meeting. This issue is patched in versions 2.4-rc-6 and 2.5-alpha-1. There are no workarounds. \n\ud83d\udccf Published: 2022-12-16T12:24:43.465Z\n\ud83d\udccf Modified: 2025-04-17T17:24:47.412Z\n\ud83d\udd17 References:\n1. https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-wxjp-h88g-7fqg\n2. https://github.com/bigbluebutton/bigbluebutton/releases/tag/v2.4-rc-6\n3. https://github.com/bigbluebutton/bigbluebutton/releases/tag/v2.5-alpha-1", "creation_timestamp": "2025-04-17T17:57:38.000000Z"}, {"uuid": "d9e73f87-4cff-4338-a530-5fc3fac0b77b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41962", "type": "seen", "source": "https://t.me/cibsecurity/54663", "content": "\u203c CVE-2022-41962 \u203c\n\nBigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6, and 2.5-alpha-1 contain Incorrect Authorization for setting emoji status. A user with moderator rights can use the clear status feature to set any emoji status for other users. Moderators should only be able to set none as the status of other users. This issue is patched in 2.4-rc-6 and 2.5-alpha-1There are no workarounds.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T16:24:23.000000Z"}]}