{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T17:55:51.777","vulnerabilities":[{"cve":{"id":"CVE-2022-25775","sourceIdentifier":"security@mautic.org","published":"2024-09-18T15:15:13.440","lastModified":"2024-09-23T23:22:15.763","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Prior to the patched version, logged in users of Mautic are vulnerable to an SQL injection vulnerability in the Reports bundle.\n\nThe user could retrieve and alter data like sensitive data, login, and depending on database permission the attacker can manipulate file systems."},{"lang":"es","value":"Antes de la versión parcheada, los usuarios registrados de Mautic eran vulnerables a una vulnerabilidad de inyección SQL en el paquete de informes. El usuario podía recuperar y alterar datos como datos confidenciales, datos de inicio de sesión y, según el permiso de la base de datos, el atacante podía manipular los sistemas de archivos."}],"metrics":{"cvssMetricV31":[{"source":"security@mautic.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.7,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"security@mautic.org","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:acquia:mautic:*:*:*:*:*:*:*:*","versionStartIncluding":"2.14.1","versionEndExcluding":"4.4.12","matchCriteriaId":"E6C670F8-5A52-4013-BC7F-7D63F0B9EFE1"},{"vulnerable":true,"criteria":"cpe:2.3:a:acquia:mautic:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"5.0.4","matchCriteriaId":"3123A79D-F360-44BE-85BA-34304F3E1B40"}]}]}],"references":[{"url":"https://github.com/mautic/mautic/security/advisories/GHSA-jj6w-2cqg-7p94","source":"security@mautic.org","tags":["Third Party Advisory"]}]}}]}