{"id":"CVE-2022-22733","details":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache ShardingSphere ElasticJob-UI allows an attacker who has guest account to do privilege escalation. This issue affects Apache ShardingSphere ElasticJob-UI Apache ShardingSphere ElasticJob-UI 3.x version 3.0.0 and prior versions.","modified":"2026-03-14T11:30:37.075775Z","published":"2022-01-20T11:15:08.100Z","references":[{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2022/01/20/2"},{"type":"ADVISORY","url":"https://lists.apache.org/thread/qpdsm936n9bhksb0rzn6bq1h7ord2nm6"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apache/shardingsphere-elasticjob-ui","events":[{"introduced":"0"},{"last_affected":"1c1707b3aac284f957babc89023a24c8355dae2d"},{"introduced":"0"},{"last_affected":"174661dc77366eb8ab0742ac61ab0f5c84a60f2c"},{"introduced":"0"},{"last_affected":"e515054bbb165667fd34fda528f7bce15e94a23b"},{"introduced":"0"},{"last_affected":"d46c9bc9ebc500506badefbc9aaa24e89c72f395"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.0.0-NA"},{"introduced":"0"},{"last_affected":"3.0.0-alpha"},{"introduced":"0"},{"last_affected":"3.0.0-beta"},{"introduced":"0"},{"last_affected":"3.0.0-rc1"}]}}],"versions":["3.0.0","3.0.0-RC1","3.0.0-alpha","3.0.0-beta"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-22733.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}