{"vulnerability": "CVE-2022-2238", "sightings": [{"uuid": "a5be497b-cee3-466e-a59c-d2a050156b23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22387", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17070", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-22387\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_0, Vector: CVSS:3.0/I:L/AC:L/S:C/AV:N/UI:R/C:L/PR:L/A:N/E:H/RL:O/RC:C)\n\ud83d\udd39 Description: IBM Application Gateway is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 221965.\n\ud83d\udccf Published: 2022-09-28T15:55:13.564Z\n\ud83d\udccf Modified: 2025-05-20T20:34:16.532Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/6824247\n2. https://exchange.xforce.ibmcloud.com/vulnerabilities/221965", "creation_timestamp": "2025-05-20T20:41:00.000000Z"}, {"uuid": "7616aee2-8112-43d8-8121-892209f2db4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22384", "type": "seen", "source": "https://t.me/cibsecurity/72399", "content": "\u203c CVE-2022-22384 \u203c\n\nIBM Security Verify Privilege On-Premises 11.5 could allow an attacker to modify messages returned from the server due to hazardous input validation. IBM X-Force ID: 221961.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T07:32:37.000000Z"}, {"uuid": "705f0abd-3ffd-4d41-8930-2613dffda6f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22380", "type": "seen", "source": "https://t.me/cibsecurity/72404", "content": "\u203c CVE-2022-22380 \u203c\n\nIBM Security Verify Privilege On-Premises 11.5 could allow an attacker to spoof a trusted entity due to improperly validating certificates. IBM X-Force ID: 221957.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T07:32:43.000000Z"}, {"uuid": "3c2411f0-46b2-4af3-9780-a797d4f0f47e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22386", "type": "seen", "source": "https://t.me/cibsecurity/72391", "content": "\u203c CVE-2022-22386 \u203c\n\nIBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 221963.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T07:32:28.000000Z"}, {"uuid": "f2b9bcfd-9850-4562-b11d-9ac255b21402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22387", "type": "seen", "source": "https://t.me/cibsecurity/50610", "content": "\u203c CVE-2022-22387 \u203c\n\nIBM Application Gateway is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 221965.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-28T20:34:24.000000Z"}]}