{"vulnerability": "cve-2022-22126", "sightings": [{"uuid": "625b4f5c-828d-4827-b92c-5e39e70424bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22126", "type": "seen", "source": "https://t.me/cibsecurity/37849", "content": "\u203c CVE-2022-22126 \u203c\n\nOpenmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via the \u00e2\u20ac\u0153Web Page\u00e2\u20ac\ufffd element, that allows the injection of malicious JavaScript into the \u00e2\u20ac\u02dcURL\u00e2\u20ac\u2122 field. This issue affects: nasa openmct 1.7.7 version and prior versions; 1.3.0 version and later versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-20T22:40:33.000000Z"}]}