{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T05:49:01.802","vulnerabilities":[{"cve":{"id":"CVE-2022-38660","sourceIdentifier":"psirt@hcl.com","published":"2022-11-04T20:15:10.363","lastModified":"2024-11-21T07:16:53.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"HCL XPages applications are susceptible to a Cross Site Request Forgery (CSRF) vulnerability.  An unauthenticated attacker could exploit this vulnerability to perform actions in the application on behalf of the logged in user.  \n"},{"lang":"es","value":"Las aplicaciones HCL XPages son susceptibles a una vulnerabilidad de Cross-Site Request Forgery (CSRF). Un atacante no autenticado podría aprovechar esta vulnerabilidad para realizar acciones en la aplicación en nombre del usuario que inició sesión."}],"metrics":{"cvssMetricV31":[{"source":"psirt@hcl.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"psirt@hcl.com","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hcltech:domino:*:*:*:*:*:*:*:*","versionEndExcluding":"9.0.1","matchCriteriaId":"EA96995E-99EC-4260-A329-B4137AFBEB6B"},{"vulnerable":true,"criteria":"cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_10_interim_fix_3:*:*:*:*:*:*","matchCriteriaId":"2D00AC8D-4E35-49F4-B0EE-C03E1EE67B8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_10_interim_fix_4:*:*:*:*:*:*","matchCriteriaId":"0FBD1792-01BA-402A-859E-531F7614C9A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_10_interim_fix_5:*:*:*:*:*:*","matchCriteriaId":"DB652BE0-5767-4D42-A618-1315243A5C52"},{"vulnerable":true,"criteria":"cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_8:*:*:*:*:*:*","matchCriteriaId":"F3D799A2-AC87-43E8-A6A2-E76E1535A7C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_8_interim_fix_1:*:*:*:*:*:*","matchCriteriaId":"9C9A93C4-70E8-472D-A038-14F72780E02F"},{"vulnerable":true,"criteria":"cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_8_interim_fix_2:*:*:*:*:*:*","matchCriteriaId":"442C02A0-0232-488A-8A66-62386FFBC807"},{"vulnerable":true,"criteria":"cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_8_interim_fix_3:*:*:*:*:*:*","matchCriteriaId":"A349B3BD-CB3D-4290-BE9E-8FFA68C3512B"}]}]}],"references":[{"url":"https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101037","source":"psirt@hcl.com","tags":["Vendor Advisory"]},{"url":"https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101037","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}