admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2025/CVE-2025-223xx/CVE-2025-22383.json
cad-safe-bot a3043036d0 Auto-Update: 2025-01-12T03:00:19.531309+00:00
2025-01-12 03:03:49 +00:00

60 lines
2.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2025-22383",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-04T02:15:06.797",
"lastModified": "2025-01-06T15:15:16.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity input validation issue exists in the Commerce B2B application, affecting the Contact Us functionality. This allows visitors to send e-mail messages that could contain unfiltered HTML markup in specific scenarios."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en Optimizely Configured Commerce antes de la versi\u00f3n 5.2.2408. Existe un problema de validaci\u00f3n de entrada de gravedad media en la aplicaci\u00f3n Commerce B2B, que afecta la funci\u00f3n Contact Us. Esto permite que los visitantes env\u00eden mensajes de correo electr\u00f3nico que podr\u00edan contener marcado HTML sin filtrar en situaciones espec\u00edficas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://support.optimizely.com/hc/en-us/articles/32694923652493-Configured-Commerce-Security-Advisory-COM-2024-03",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink