{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-24T15:16:25.468","vulnerabilities":[{"cve":{"id":"CVE-2022-32763","sourceIdentifier":"talos-cna@cisco.com","published":"2022-12-15T10:15:11.780","lastModified":"2026-06-17T04:47:52.510","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (xss) sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability."},{"lang":"es","value":"Existe una omisión de vulnerabilidad de sanitización de Cross-Site Scripting (XSS) en la funcionalidad SanitizeHtml de Lansweeper lansweeper 10.1.1.0. Una solicitud HTTP especialmente manipulada puede provocar una inyección de código Javascript arbitrario. Un atacante puede enviar una solicitud HTTP para desencadenar esta vulnerabilidad."}],"affected":[{"source":"talos-cna@cisco.com","affectedData":[{"vendor":"Lansweeper","product":"lansweeper","versions":[{"version":"10.1.1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV30":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-15T18:17:08.900034Z","id":"CVE-2022-32763","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-184"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:lansweeper:lansweeper:10.1.1.0:*:*:*:*:*:*:*","matchCriteriaId":"2B678EA8-701A-4508-BC31-AE93AEE6F1EE"}]}]}],"references":[{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2022-1541","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2022-1541","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}