{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T13:40:59.214","vulnerabilities":[{"cve":{"id":"CVE-2012-4541","sourceIdentifier":"secalert@redhat.com","published":"2012-11-19T12:10:52.510","lastModified":"2025-04-11T00:51:21.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in Piwik before 1.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."},{"lang":"es","value":"Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Piwik antes de v1.9 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:matomo:matomo:*:*:*:*:*:*:*:*","versionEndIncluding":"1.8.4","matchCriteriaId":"99DAAC69-194C-4FCC-B6B1-5DD84139E9F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:matomo:matomo:1.0:*:*:*:*:*:*:*","matchCriteriaId":"E45F2630-A217-4F08-B36B-314AD69DD92D"},{"vulnerable":true,"criteria":"cpe:2.3:a:matomo:matomo:1.2:*:*:*:*:*:*:*","matchCriteriaId":"491C3F7C-889A-4E2A-A956-5ABB3836BAE7"},{"vulnerable":true,"criteria":"cpe:2.3:a:matomo:matomo:1.2.1:*:*:*:*:*:*:*","matchCriteriaId":"E38E65CD-4B1F-4D81-A818-6A4B0E312253"},{"vulnerable":true,"criteria":"cpe:2.3:a:matomo:matomo:1.3:*:*:*:*:*:*:*","matchCriteriaId":"0E10E743-30FB-408C-A50B-BCAA0D750B82"},{"vulnerable":true,"criteria":"cpe:2.3:a:matomo:matomo:1.4:*:*:*:*:*:*:*","matchCriteriaId":"B80242D7-A09F-430A-9468-B52EBA6F6337"},{"vulnerable":true,"criteria":"cpe:2.3:a:matomo:matomo:1.5:*:*:*:*:*:*:*","matchCriteriaId":"EF4B194B-C780-4005-A641-BCDB8A81FBE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:matomo:matomo:1.5.1:*:*:*:*:*:*:*","matchCriteriaId":"C58F5320-BE2E-46D6-AFD8-BB298A10926F"},{"vulnerable":true,"criteria":"cpe:2.3:a:matomo:matomo:1.6:*:*:*:*:*:*:*","matchCriteriaId":"F1D3535D-A8F1-42A2-BD7E-4EEFEF15C1F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:matomo:matomo:1.7:*:*:*:*:*:*:*","matchCriteriaId":"0FFB1D11-C059-4CD4-9C38-8D2A7901BC8F"},{"vulnerable":true,"criteria":"cpe:2.3:a:matomo:matomo:1.8:*:*:*:*:*:*:*","matchCriteriaId":"A33B1DF0-B069-4A72-A7AB-643E459FDB11"},{"vulnerable":true,"criteria":"cpe:2.3:a:matomo:matomo:1.8.1:*:*:*:*:*:*:*","matchCriteriaId":"C2869144-4413-469B-A6EE-31F5180BA10F"},{"vulnerable":true,"criteria":"cpe:2.3:a:matomo:matomo:1.8.2:*:*:*:*:*:*:*","matchCriteriaId":"FACB8A22-2A07-4598-B8B6-27BC60F5E359"},{"vulnerable":true,"criteria":"cpe:2.3:a:matomo:matomo:1.8.3:*:*:*:*:*:*:*","matchCriteriaId":"6B2C56AA-46BA-4C13-8BA2-6C37AF63D5B3"}]}]}],"references":[{"url":"http://piwik.org/blog/2012/10/piwik-1-9/","source":"secalert@redhat.com"},{"url":"http://www.openwall.com/lists/oss-security/2012/10/22/1","source":"secalert@redhat.com"},{"url":"http://www.openwall.com/lists/oss-security/2012/10/23/2","source":"secalert@redhat.com"},{"url":"http://piwik.org/blog/2012/10/piwik-1-9/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2012/10/22/1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2012/10/23/2","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}