{"vulnerability": "CVE-2022-28508", "sightings": [{"uuid": "ea382d19-f53e-48bf-8c3e-816a70d681d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28508", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-28508.yaml", "content": "", "creation_timestamp": "2025-04-24T13:45:33.000000Z"}, {"uuid": "e7393147-eab6-4fff-9809-778032eb6eb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28508", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lno4mxx4ny2a", "content": "", "creation_timestamp": "2025-04-25T21:02:12.205937Z"}, {"uuid": "bfb9b9ce-6127-4a4a-8dbe-6dc39b2f3cc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28508", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2067", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-28508\nURL\uff1ahttps://github.com/YavuzSahbaz/CVE-2022-28508\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-30T03:26:47.000000Z"}, {"uuid": "3e49ab34-fc66-401e-8a4c-88d90904f76e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28508", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5909", "content": "#exploit\n1. CVE-2022-28346:\nDjango QuerySet.annotate(), aggregate(), extra() SQL\nhttps://github.com/DeEpinGh0st/CVE-2022-28346\n\n2. CVE-2022-28508:\nMantisBT 2.25.2 - XSS\nhttps://github.com/YavuzSahbaz/CVE-2022-28508/blob/main/MantisBT%202.25.2%20XSS%20vulnurability\n\n3. Bypassing LDAP Channel Binding with StartTLS\nhttps://offsec.almond.consulting/bypassing-ldap-channel-binding-with-starttls.html", "creation_timestamp": "2022-04-30T17:55:24.000000Z"}]}