{"vulnerability": "cve-2024-2226", "sightings": [{"uuid": "ec53e18d-d01c-41f4-afa5-4082430aa07e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22267", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lkdx2r3btr2v", "content": "", "creation_timestamp": "2025-03-14T15:40:19.447880Z"}, {"uuid": "fbd87755-a4be-40eb-8220-8c350c29018e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22262", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-261-04", "content": "", "creation_timestamp": "2025-09-18T10:00:00.000000Z"}, {"uuid": "5557ff2b-51a2-46a1-bb9f-5c2af101a6d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22263", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8324", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1a(CVE-2024-22263) Spring Cloud Dataflow Arbitrary File Writing Scanner\nURL\uff1ahttps://github.com/securelayer7/CVE-2024-22263_Scanner\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-21T20:12:10.000000Z"}, {"uuid": "044f99eb-a2b5-40f2-a3c5-c3f69ed5574f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2226", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3576", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-2226\n\ud83d\udd25 CVSS Score: 6.2 (CVSS_V3)\n\ud83d\udd39 Description: The Otter Blocks \u2013 Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the id parameter in the google-map block in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor access and higher to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2024-04-09T21:31:59Z\n\ud83d\udccf Modified: 2025-01-31T03:32:13Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-2226\n2. https://plugins.trac.wordpress.org/changeset/3050429/otter-blocks\n3. https://www.wordfence.com/threat-intel/vulnerabilities/id/217d3148-d411-4fff-a4f6-d5d02ef207af?source=cve", "creation_timestamp": "2025-01-31T04:13:10.000000Z"}, {"uuid": "a6ca6c8e-31cf-441f-8b4c-7280afc0cf68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2226", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3560", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-2226\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2024-04-09T19:15:30.320\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://plugins.trac.wordpress.org/changeset/3050429/otter-blocks\n2. https://www.wordfence.com/threat-intel/vulnerabilities/id/217d3148-d411-4fff-a4f6-d5d02ef207af?source=cve\n3. https://plugins.trac.wordpress.org/changeset/3050429/otter-blocks\n4. https://www.wordfence.com/threat-intel/vulnerabilities/id/217d3148-d411-4fff-a4f6-d5d02ef207af?source=cve", "creation_timestamp": "2025-01-31T03:22:05.000000Z"}, {"uuid": "829ecde5-5474-458d-abdf-811634c80057", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22262", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4331", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-22262\n\ud83d\udd25 CVSS Score: 8.0 (CVSS_V3)\n\ud83d\udd39 Description: Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a  open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.\n\nThis is the same as  CVE-2024-22259 https://spring.io/security/cve-2024-22259 \u00a0and  CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.\n\ud83d\udccf Published: 2024-04-16T06:30:28Z\n\ud83d\udccf Modified: 2025-02-13T19:00:56Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-22262\n2. https://github.com/spring-projects/spring-framework\n3. https://github.com/spring-projects/spring-framework/blob/main/spring-web/src/main/java/org/springframework/web/util/UriComponentsBuilder.java\n4. https://security.netapp.com/advisory/ntap-20240524-0003\n5. https://spring.io/security/cve-2024-22262", "creation_timestamp": "2025-02-13T19:21:07.000000Z"}, {"uuid": "840e80b5-c7a3-472f-8068-e7965fa2c8e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22263", "type": "published-proof-of-concept", "source": "https://t.me/someSecurityNotes/312", "content": "#spring #exploit #cve-2024-22263 #walkthrough\n\n\u0412 \u0441\u0442\u0430\u0442\u044c\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043f\u043e\u043a\u0430\u0437\u0430\u043d \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0431\u0430\u0433\u0430 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Spring Cloud Data Flow \u0438\u0437 \u0441\u043e\u0441\u0442\u0430\u0432\u0430 \u0421\u043f\u0440\u0438\u043d\u0433\u0430. \u041d\u0430\u043f\u0438\u0441\u0430\u043d\u043e \u043a\u043e\u043d\u0435\u0447\u043d\u043e \u0447\u0442\u043e \u043e\u043d \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0451\u043d, \u043d\u043e \u044f \u0442\u0430\u043a\u043e\u0433\u043e \u043d\u0435 \u0432\u0441\u0442\u0440\u0435\u0447\u0430\u043b. \u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0441\u0442\u0430\u0442\u044c\u044f \u0445\u043e\u0440\u043e\u0448\u0430 \u0442\u0435\u043c \u0447\u0442\u043e \u0432 \u043d\u0435\u0439 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u043e\u043a\u0430\u0437\u0430\u043d \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0431\u0430\u0433\u0430.\n\nhttps://blog.securelayer7.net/spring-cloud-data-flow-exploit/", "creation_timestamp": "2024-08-27T00:28:12.000000Z"}, {"uuid": "0f2cba20-e1b2-45fb-8840-c86a6f306427", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22269", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/705", "content": "#exploit\nVMware Workstation:\nEscaping via a New Route - Virtual Bluetooth\n(CVE-2024-22267, CVE-2024-22269)", "creation_timestamp": "2024-11-19T09:51:26.000000Z"}, {"uuid": "1413ebab-c739-464e-b363-1fd3123f1c6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22267", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/705", "content": "#exploit\nVMware Workstation:\nEscaping via a New Route - Virtual Bluetooth\n(CVE-2024-22267, CVE-2024-22269)", "creation_timestamp": "2024-11-19T09:51:26.000000Z"}, {"uuid": "a1d780d7-1de2-4e01-b553-db95db68c12f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22268", "type": "seen", "source": "Telegram/Cj91e4B3iZcLGGr-UVJYOcr-TGYmDTp8zo8LHHY5pfrKVIU", "content": "", "creation_timestamp": "2024-06-09T17:52:33.000000Z"}, {"uuid": "246fbd9a-da4f-49e5-9b65-1602bb1367b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22269", "type": "seen", "source": "Telegram/Cj91e4B3iZcLGGr-UVJYOcr-TGYmDTp8zo8LHHY5pfrKVIU", "content": "", "creation_timestamp": "2024-06-09T17:52:33.000000Z"}, {"uuid": "6accf962-7f20-4bbf-9c19-e97cd115f6cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22267", "type": "seen", "source": "Telegram/Cj91e4B3iZcLGGr-UVJYOcr-TGYmDTp8zo8LHHY5pfrKVIU", "content": "", "creation_timestamp": "2024-06-09T17:52:33.000000Z"}, {"uuid": "e44bb3b2-3a37-48bd-af86-b95783b63e97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22267", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/431", "content": "\u200aBroadcom Reveals Critical VMware Flaws: Code Execution (CVE-2024-22267) and Data Leaks\n\nhttps://securityonline.info/broadcom-reveals-critical-vmware-flaws-code-execution-cve-2024-22267-and-data-leaks/", "creation_timestamp": "2024-05-14T19:13:50.000000Z"}, {"uuid": "ad1c2e82-b705-4fd4-94d9-551dee0a5ad0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22263", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/1166", "content": "\u200aCVE-2024-22263 Flaw in Spring Cloud Data Flow Could Lead to Server Takeover\n\nhttps://securityonline.info/cve-2024-22263-flaw-in-spring-cloud-data-flow-could-lead-to-server-takeover/", "creation_timestamp": "2024-05-30T13:10:48.000000Z"}, {"uuid": "09a26585-0ef1-4db1-9a30-695360db2b9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22262", "type": "seen", "source": "https://t.me/arpsyndicate/4683", "content": "#ExploitObserverAlert\n\nCVE-2024-22262\n\nDESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-22262. Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a  open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.  This is the same as  CVE-2024-22259 https://spring.io/security/cve-2024-22259 \u00a0and  CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.\n\nFIRST-EPSS: 0.000430000\nARPS-EXPLOITABILITY: 0.701451", "creation_timestamp": "2024-04-18T04:35:44.000000Z"}, {"uuid": "23170d96-48b5-463a-8fce-5dd69de3dd5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2226", "type": "seen", "source": "https://t.me/arpsyndicate/4461", "content": "#ExploitObserverAlert\n\nCVE-2024-2226\n\nDESCRIPTION: Exploit Observer has 4 entries in 1 file formats related to CVE-2024-2226. The Otter Blocks \u2013 Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the id parameter in the google-map block in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor access and higher to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-04-11T06:56:18.000000Z"}, {"uuid": "e03a68cb-1642-46a3-8a36-5521b7e03c9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22263", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9052", "content": "CVE-2024-22263: Spring Cloud Dataflow Arbitrary File Writing\n\nhttps://blog.securelayer7.net/spring-cloud-data-flow-exploit/", "creation_timestamp": "2024-08-22T18:13:55.000000Z"}, {"uuid": "9097c4c8-0b1b-415a-ae96-31b8786764a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22263", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3094", "content": "https://github.com/securelayer7/CVE-2024-22263_Scanner\n\n(CVE-2024-22263) Spring Cloud Dataflow Arbitrary File Writing Scanne\n#github #exploit #tools", "creation_timestamp": "2024-09-02T06:53:36.000000Z"}, {"uuid": "469535ae-fbe2-41af-b17c-2b4b723741d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22263", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11061", "content": "#exploit\n1. CVE-2024-6670:\nBreaking Down Barriers: Exploiting Pre-Auth SQL Injection in WhatsUp Gold\nhttps://summoning.team/blog/progress-whatsup-gold-sqli-cve-2024-6670\n\n2. CVE-2024-22263:\nSpring Cloud Dataflow Arbitrary File Writing Scanner\nhttps://github.com/securelayer7/CVE-2024-22263_Scanner", "creation_timestamp": "2024-10-02T10:55:23.000000Z"}, {"uuid": "193e5e7e-a664-4c12-bef6-2c7993f445c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22269", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11455", "content": "#exploit\nVMware Workstation:\nEscaping via a New Route - Virtual Bluetooth\n(CVE-2024-22267, CVE-2024-22269)", "creation_timestamp": "2024-11-19T12:05:04.000000Z"}, {"uuid": "d2bda038-7705-4f81-8d91-96908900371c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22267", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11455", "content": "#exploit\nVMware Workstation:\nEscaping via a New Route - Virtual Bluetooth\n(CVE-2024-22267, CVE-2024-22269)", "creation_timestamp": "2024-11-19T12:05:04.000000Z"}, {"uuid": "ae65e86f-81e5-47c6-834b-8b562849e64a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22269", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/5154", "content": "#exploit\nVMware Workstation:\nEscaping via a New Route - Virtual Bluetooth\n(CVE-2024-22267, CVE-2024-22269)", "creation_timestamp": "2024-11-19T15:33:47.000000Z"}, {"uuid": "fb826fa1-f0c5-466e-95ed-91d57a5f0615", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22267", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/5154", "content": "#exploit\nVMware Workstation:\nEscaping via a New Route - Virtual Bluetooth\n(CVE-2024-22267, CVE-2024-22269)", "creation_timestamp": "2024-11-19T15:33:47.000000Z"}, {"uuid": "6743df7c-5225-4cf8-9997-04a44a5a16f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22263", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/4320", "content": "#exploit\n1. Breaking Down Barriers: Exploiting Pre-Auth SQL Injection in WhatsUp Gold\nhttps://summoning.team/blog/progress-whatsup-gold-sqli-cve-2024-6670\n\n2. CVE-2024-22263:\nSpring Cloud Dataflow Arbitrary File Writing Scanner\nhttps://github.com/securelayer7/CVE-2024-22263_Scanner", "creation_timestamp": "2024-09-01T04:26:06.000000Z"}]}