{"vulnerability": "CVE-2022-40184", "sightings": [{"uuid": "d430f460-9c7e-4980-b536-b02f9e6d2163", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40184", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15816", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40184\n\ud83d\udd25 CVSS Score: 5.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Incomplete filtering of JavaScript code in different configuration fields of the web based interface of the VIDEOJET multi 4000 allows an attacker with administrative credentials to store JavaScript code which will be executed for all administrators accessing the same configuration option.\n\ud83d\udccf Published: 2022-10-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-09T19:15:40.818Z\n\ud83d\udd17 References:\n1. https://psirt.bosch.com/security-advisories/bosch-sa-454166-bt.html", "creation_timestamp": "2025-05-09T19:26:10.000000Z"}, {"uuid": "8166cbf1-d77f-4f5f-a24e-12f41491e660", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40184", "type": "seen", "source": "https://t.me/cibsecurity/52162", "content": "\u203c CVE-2022-40184 \u203c\n\nIncomplete filtering of JavaScript code in different configuration fields of the web based interface of the VIDEOJET multi 4000 allows an attacker with administrative credentials to store JavaScript code which will be executed for all administrators accessing the same configuration option.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-27T20:33:30.000000Z"}]}