Apr 8, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • X2engine X2crm: public exploit or PoC linked (XSS)

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2022-0020 Paloaltonetworks Cortex Xsoar XSS

  • Public exploit or PoC available
  • Exploit activity linked

Paloaltonetworks Cortex Xsoar XSS now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2022-25630 An authenticated user can embed malicious content with XSS into the admin group policy page.

  • Public exploit or PoC available
  • Exploit activity linked

Symantec Messaging Gateway cross-site scripting now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2022-43939 Hitachi Vantara Pentaho BA Server Authorization Bypass

  • Public exploit or PoC available
  • Exploit activity linked
  • Potential privilege escalation to admin/root

Hitachi Vantara Pentaho Business Analytics (BA) Server privilege escalation now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2022-30076 Exploit

ENTAB ERP 1.0 allows attackers to discover users' full names via a brute force attack with a series of student usernames such as s10000 t...

CVE-2022-48177 Exploit

X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the adin/impor...

CVE-2022-48178 Exploit

X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Create Action...

CVE-2022-43769 Exploit

Hitachi Vantara Pentaho BA Server Special Element Injection

CVE-2022-43939 Exploit

Hitachi Vantara Pentaho BA Server Authorization Bypass

CVE-2023-26692 Exploit

ZCBS Zijper Collectie Beheer Systeem (ZCBS), Zijper Publication Management System (ZPBS), and Zijper Image Bank Management System (ZBBS)...

CVE-2023-27167 Exploit

Suprema BioStar 2 v2.8.16 was discovered to contain a SQL injection vulnerability via the values parameter at /users/absence?search_month=1.

CVE-2022-47529 Exploit

Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accoun...

CVE-2023-27100 Exploit

Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense...

CVE-2023-23399 Exploit

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-28343 Exploit

OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/set_timezone ti...

CVE-2022-41333 Exploit

An uncontrolled resource consumption vulnerability [CWE-400] in FortiRecorder version 6.4.3 and below, 6.0.11 and below login authenticat...

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

Nothing flagged in this category for this digest.

View critical disclosures

cvelogic Threat Intelligence