{"vulnerability": "cve-2022-22789", "sightings": [{"uuid": "62f43a73-8d76-4638-990a-be4d3aeab15d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22789", "type": "seen", "source": "https://t.me/cibsecurity/36256", "content": "\u203c CVE-2022-22789 \u203c\n\nCharactell - FormStorm Enterprise Account takeover \u00e2\u20ac\u201c An attacker can modify (add, remove and update) passwords file for all the users. The xx_users.ini file in the FormStorm folder contains usernames in cleartext and an obfuscated password. Malicious user can take over an account by replacing existing password in the file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-25T22:18:51.000000Z"}]}