{"vulnerability": "CVE-2022-3725", "sightings": [{"uuid": "d60c1729-a6cb-4f57-ac2a-e5b6616df75a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37250", "type": "seen", "source": "https://t.me/cibsecurity/49908", "content": "\u203c CVE-2022-37250 \u203c\n\nCraft CMS 4.2.0.1 suffers from Stored Cross Site Scripting (XSS) in /admin/myaccount.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T18:28:48.000000Z"}, {"uuid": "43f623e6-79bc-48ab-8370-08b185e3c59e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3725", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15817", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3725\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file\n\ud83d\udccf Published: 2022-10-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-09T19:14:30.824Z\n\ud83d\udd17 References:\n1. https://www.wireshark.org/security/wnpa-sec-2022-07.html\n2. https://gitlab.com/wireshark/wireshark/-/issues/18378\n3. https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3725.json\n4. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OIEIFFZ27YKCTK5C2VT4OEQSHPQDBNSF/\n5. https://security.gentoo.org/glsa/202309-02", "creation_timestamp": "2025-05-09T19:26:11.000000Z"}, {"uuid": "73889f4d-b9ae-4e66-88d0-a421258ca49c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37259", "type": "seen", "source": "https://t.me/cibsecurity/50161", "content": "\u203c CVE-2022-37259 \u203c\n\nA Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal 2.2.4 via the string variable in babel.js.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-20T22:39:43.000000Z"}, {"uuid": "fe5a07b0-3940-4fba-aee3-37be06f22975", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3725", "type": "seen", "source": "https://t.me/cibsecurity/52165", "content": "\u203c CVE-2022-3725 \u203c\n\nCrash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-27T20:33:32.000000Z"}, {"uuid": "ee9c79d6-079f-414e-837f-3a05791aa452", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37253", "type": "seen", "source": "https://t.me/cibsecurity/49383", "content": "\u203c CVE-2022-37253 \u203c\n\nPersistent cross-site scripting (XSS) in Crime Reporting System 1.0 allows a remote attacker to introduce arbitary Javascript via manipulation of an unsanitized POST parameter\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-07T00:13:35.000000Z"}, {"uuid": "40bb7b58-962a-4e3c-be50-16d8e156ac52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37254", "type": "seen", "source": "https://t.me/cibsecurity/48449", "content": "\u203c CVE-2022-37254 \u203c\n\nDolphinPHP 1.5.1 is vulnerable to Cross Site Scripting (XSS) via Background - > System - > system function - > configuration management.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-19T20:17:33.000000Z"}]}