{"vulnerability": "CVE-2022-3565", "sightings": [{"uuid": "30e88aa3-0920-4600-a3e8-005ea22f1f95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35653", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-04)", "content": "", "creation_timestamp": "2025-02-04T00:00:00.000000Z"}, {"uuid": "f4342d4b-d7a7-4bf9-8ea6-03d2638ba13d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35655", "type": "seen", "source": "https://t.me/cibsecurity/48491", "content": "\u203c CVE-2022-35655 \u203c\n\nPega Platform from 7.3 to 8.7.3 is affected by an XSS issue due to a misconfiguration of a datapage setting.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-22T18:20:46.000000Z"}, {"uuid": "a6b602f2-7c5c-4073-a0be-542cca9cc21d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35653", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "9c9af0dc-971d-41f8-882e-d29f22ef59ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35650", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/368", "content": "CVE-2022-35650 : Vulnerability in Moodle - Analysis\nhttps://0x1337.ninja/2022/07/30/cve-2022-35650-analysis", "creation_timestamp": "2022-08-03T18:30:19.000000Z"}, {"uuid": "08d39920-b089-49d3-9784-5b6d53f58bd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35653", "type": "seen", "source": "https://t.me/cibsecurity/46937", "content": "\u203c CVE-2022-35653 \u203c\n\nA reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website to steal potentially sensitive information, change appearance of the web page, can perform phishing and drive-by-download attacks. This vulnerability does not impact authenticated users.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-25T20:33:13.000000Z"}, {"uuid": "6d24d13b-61e5-42bb-aba4-6199b81afd72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35651", "type": "seen", "source": "https://t.me/cibsecurity/46940", "content": "\u203c CVE-2022-35651 \u203c\n\nA stored XSS and blind SSRF vulnerability was found in Moodle, occurs due to insufficient sanitization of user-supplied data in the SCORM track details. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website to steal potentially sensitive information, change appearance of the web page, can perform phishing and drive-by-download attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-25T20:33:19.000000Z"}, {"uuid": "40405663-8b6f-4567-a277-123b7fcf16d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35652", "type": "seen", "source": "https://t.me/cibsecurity/46939", "content": "\u203c CVE-2022-35652 \u203c\n\nAn open redirect issue was found in Moodle due to improper sanitization of user-supplied data in mobile auto-login feature. A remote attacker can create a link that leads to a trusted website, however, when clicked, it redirects the victims to arbitrary URL/domain. Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-25T20:33:15.000000Z"}, {"uuid": "cf98ea61-c896-4191-8f5e-3e0bd87b408e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35653", "type": "seen", "source": "https://t.me/arpsyndicate/203", "content": "#ExploitObserverAlert\n\nCVE-2022-35653\n\nDESCRIPTION: Exploit Observer has 8 entries related to CVE-2022-35653. A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website to steal potentially sensitive information, change appearance of the web page, can perform phishing and drive-by-download attacks. This vulnerability does not impact authenticated users.\n\nFIRST-EPSS: 0.006730000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2023-11-17T04:55:23.000000Z"}, {"uuid": "dc066c3c-cf3e-441d-8099-8631f1b6d574", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35653", "type": "seen", "source": "https://gist.github.com/nguyenvietphat-0302/105c79ab797c054b1bc4ec1b9beb4aaf", "content": "", "creation_timestamp": "2026-04-30T03:00:55.000000Z"}, {"uuid": "d769db85-e7b7-4dfc-9d59-7b123682ae14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3565", "type": "seen", "source": "https://t.me/cibsecurity/51623", "content": "\u203c CVE-2022-3565 \u203c\n\nA vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-17T22:13:20.000000Z"}, {"uuid": "08ba8d9e-9c8a-4ada-ac93-3d42ff46e983", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35650", "type": "seen", "source": "https://t.me/cibsecurity/46935", "content": "\u203c CVE-2022-35650 \u203c\n\nThe vulnerability was found in Moodle, occurs due to input validation error when importing lesson questions. This insufficient path checks results in arbitrary file read risk. This vulnerability allows a remote attacker to perform directory traversal attacks. The capability to access this feature is only available to teachers, managers and admins by default.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-25T20:33:11.000000Z"}, {"uuid": "b2ea9e61-b9b4-47af-9919-81d9d28317a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35656", "type": "seen", "source": "https://t.me/cibsecurity/48489", "content": "\u203c CVE-2022-35656 \u203c\n\nPega Platform from 8.3 to 8.7.3 vulnerability may allow authenticated security administrators to alter CSRF settings directly.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-22T18:20:44.000000Z"}, {"uuid": "b16932fc-0ecd-4fe4-9a93-e5d894ad0dd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35654", "type": "seen", "source": "https://t.me/cibsecurity/48484", "content": "\u203c CVE-2022-35654 \u203c\n\nPega Platform from 8.5.4 to 8.7.3 is affected by an XSS issue with an unauthenticated user and the redirect parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-22T18:20:38.000000Z"}, {"uuid": "76e62285-2b16-44ce-9baf-6b303fb9171b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35650", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/6409", "content": "CVE-2022-35650 Analysis\n\nhttps://0x1337.ninja/2022/07/30/cve-2022-35650-analysis/", "creation_timestamp": "2022-07-31T21:25:48.000000Z"}, {"uuid": "cb04c74c-e0d0-49ca-bd7a-2a5205d06303", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35650", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6523", "content": "#exploit\nCVE-2022-35650:\nVulnerability in Moodle - Analysis 1-day CVE patch\nhttps://0x1337.ninja/2022/07/30/cve-2022-35650-analysis", "creation_timestamp": "2022-08-03T11:03:01.000000Z"}]}