{"vulnerability": "cve-2022-2250", "sightings": [{"uuid": "799bb0c1-757d-4048-aade-05cc035f4a63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22506", "type": "seen", "source": "https://t.me/ctinow/198804", "content": "https://ift.tt/LkrVHuF\nCVE-2022-22506 | IBM Robotic Process Automation 21.0.2 User ID information disclosure (XFDB-227293)", "creation_timestamp": "2024-03-03T16:21:51.000000Z"}, {"uuid": "6bd57dde-1fa7-4521-9800-8a60f18be757", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22508", "type": "seen", "source": "https://t.me/cibsecurity/64087", "content": "\u203c CVE-2022-22508 \u203c\n\nImproper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-15T14:29:28.000000Z"}, {"uuid": "565cc15a-8066-49c2-901d-d9656e4019ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2250", "type": "seen", "source": "https://t.me/cibsecurity/45492", "content": "\u203c CVE-2022-2250 \u203c\n\nAn open redirect vulnerability in GitLab EE/CE affecting all versions from 11.1 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows an attacker to redirect users to an arbitrary location if they trust the URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-01T20:42:54.000000Z"}, {"uuid": "e391fa3b-0867-456b-94dd-e61e26f38e9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22502", "type": "seen", "source": "https://t.me/cibsecurity/45116", "content": "\u203c CVE-2022-22502 \u203c\n\nIBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 227124.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-24T20:31:22.000000Z"}, {"uuid": "b11977df-5086-4093-a73e-cf8db3299e82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-22508", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01", "content": "", "creation_timestamp": "2026-03-17T12:00:00.000000Z"}, {"uuid": "030c0a56-0fd5-476d-8305-77a1813c8d44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22506", "type": "seen", "source": "https://t.me/ctinow/183414", "content": "https://ift.tt/43tPZzU\nCVE-2022-22506", "creation_timestamp": "2024-02-12T21:22:20.000000Z"}, {"uuid": "14e4f4e4-bdf7-46cb-91f0-b73c1a998638", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22503", "type": "seen", "source": "https://t.me/cibsecurity/50907", "content": "\u203c CVE-2022-22503 \u203c\n\nIBM Robotic Process Automation 21.0.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 227125.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-06T22:16:59.000000Z"}, {"uuid": "576ff450-168b-497d-a6da-5acd7877bf47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22509", "type": "seen", "source": "https://t.me/cibsecurity/36707", "content": "\u203c CVE-2022-22509 \u203c\n\nIn Phoenix Contact FL SWITCH Series 2xxx in version 3.00 an incorrect privilege assignment allows an low privileged user to enable full access to the device configuration.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-02T16:28:54.000000Z"}]}