{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T00:45:22.347","vulnerabilities":[{"cve":{"id":"CVE-2022-25776","sourceIdentifier":"security@mautic.org","published":"2024-09-18T15:15:13.620","lastModified":"2024-09-24T15:19:46.117","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Prior to the patched version, logged in users of Mautic are able to access areas of the application that they should be prevented from accessing.\n\nUsers could potentially access sensitive data such as names and surnames, company names and stage names."},{"lang":"es","value":"Antes de la versión parcheada, los usuarios registrados de Mautic podían acceder a áreas de la aplicación a las que no deberían tener acceso. Los usuarios podrían acceder a datos confidenciales como nombres y apellidos, nombres de empresas y nombres artísticos."}],"metrics":{"cvssMetricV31":[{"source":"security@mautic.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"security@mautic.org","type":"Secondary","description":[{"lang":"en","value":"CWE-276"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:acquia:mautic:*:*:*:*:*:*:*:*","versionStartIncluding":"1.0.2","versionEndExcluding":"4.4.12","matchCriteriaId":"C1CFF2CB-ED56-492C-BD50-7E127044780A"},{"vulnerable":true,"criteria":"cpe:2.3:a:acquia:mautic:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"5.0.4","matchCriteriaId":"3123A79D-F360-44BE-85BA-34304F3E1B40"}]}]}],"references":[{"url":"https://github.com/mautic/mautic/security/advisories/GHSA-qjx3-2g35-6hv8","source":"security@mautic.org","tags":["Third Party Advisory"]}]}}]}