{"vulnerability": "cve-2022-3834", "sightings": [{"uuid": "24c37536-26d2-475d-8e88-dd90e9379e14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38340", "type": "seen", "source": "https://t.me/cibsecurity/50146", "content": "\u203c CVE-2022-38340 \u203c\n\nSafe Software FME Server v2022.0.1.1 and below was discovered to contain a Path Traversal vulnerability via the component fmedataupload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-20T22:39:26.000000Z"}, {"uuid": "aa65e0a2-e59c-48eb-90ee-d2fd65d2c553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3834", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13517", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3834\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Google Forms WordPress plugin through 0.95 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2022-11-28T13:47:21.589Z\n\ud83d\udccf Modified: 2025-04-25T19:56:03.629Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/1dbe0f24-b757-49fe-846f-7c259df9f361", "creation_timestamp": "2025-04-25T20:07:58.000000Z"}, {"uuid": "96e03be8-42a5-4666-aad0-3ae598ae17ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38349", "type": "seen", "source": "https://t.me/cibsecurity/68980", "content": "\u203c CVE-2022-38349 \u203c\n\nAn issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-22T22:22:00.000000Z"}]}