{"vulnerability": "cve-2022-29618", "sightings": [{"uuid": "5cb586dd-9c3f-44dd-aa56-12e2355d6ce1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29618", "type": "seen", "source": "https://t.me/cibsecurity/44437", "content": "\u203c CVE-2022-29618 \u203c\n\nDue to insufficient input validation, SAP NetWeaver Development Infrastructure (Design Time Repository) - versions 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to inject script into the URL and execute code in the user\u00e2\u20ac\u2122s browser. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-14T22:19:05.000000Z"}]}