{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-04T05:02:10.714","vulnerabilities":[{"cve":{"id":"CVE-2022-4638","sourceIdentifier":"cna@vuldb.com","published":"2022-12-21T22:15:08.570","lastModified":"2026-06-17T05:21:25.500","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability classified as problematic was found in collective.contact.widget up to 1.12. This vulnerability affects the function title of the file src/collective/contact/widget/widgets.py. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 5da36305ca7ed433782be8901c47387406fcda12. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216496."},{"lang":"es","value":"Una vulnerabilidad fue encontrada en collective.contact.widget hasta 1.12 y clasificada como problemática. Esta vulnerabilidad afecta a la función title del archivo src/collective/contact/widget/widgets.py. La manipulación conduce a Cross-Site Scripting. El ataque se puede iniciar de forma remota. El nombre del parche es 5da36305ca7ed433782be8901c47387406fcda12. Se recomienda aplicar un parche para solucionar este problema. El identificador de esta vulnerabilidad es VDB-216496."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"unspecified","product":"collective.contact.widget","versions":[{"version":"1.0","status":"affected"},{"version":"1.1","status":"affected"},{"version":"1.2","status":"affected"},{"version":"1.3","status":"affected"},{"version":"1.4","status":"affected"},{"version":"1.5","status":"affected"},{"version":"1.6","status":"affected"},{"version":"1.7","status":"affected"},{"version":"1.8","status":"affected"},{"version":"1.9","status":"affected"},{"version":"1.10","status":"affected"},{"version":"1.11","status":"affected"},{"version":"1.12","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-14T16:59:41.880300Z","id":"CVE-2022-4638","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-707"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:collective.contact.widget_project:collective.contact.widget:*:*:*:*:*:*:*:*","versionEndExcluding":"1.12","matchCriteriaId":"CE474E9B-FD4F-4AC8-A4B3-BDAF85499E35"}]}]}],"references":[{"url":"https://github.com/collective/collective.contact.widget/commit/5da36305ca7ed433782be8901c47387406fcda12","source":"cna@vuldb.com","tags":["Patch","Third Party Advisory"]},{"url":"https://vuldb.com/?id.216496","source":"cna@vuldb.com","tags":["Third Party Advisory"]},{"url":"https://github.com/collective/collective.contact.widget/commit/5da36305ca7ed433782be8901c47387406fcda12","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://vuldb.com/?id.216496","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}