CVE-2022-25774 - Vulnerability Details - OpenCVE

Prior to the patched version, logged in users of Mautic are vulnerable to a self XSS vulnerability in the notifications within Mautic.

Users could inject malicious code into the notification when saving Dashboards.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00025.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Acquia	Mautic

Configuration 1 [-]

cpe:2.3:a:acquia:mautic:*:*:*:*:*:*:*:*

No data.

No data.

Fixes

Solution

Update to 4.4.12 or later.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/mautic/mautic/security/advisories/GHSA-fhcx-f7jg-jx3f

History

Tue, 15 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00023}`	epss `{'score': 0.00025}`

Mon, 23 Sep 2024 23:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Acquia Acquia mautic
CPEs		cpe:2.3:a:acquia:mautic::::::::
Vendors & Products		Acquia Acquia mautic

Wed, 18 Sep 2024 18:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 18 Sep 2024 15:15:00 +0000

Type	Values Removed	Values Added
Description		Prior to the patched version, logged in users of Mautic are vulnerable to a self XSS vulnerability in the notifications within Mautic. Users could inject malicious code into the notification when saving Dashboards.
Title		XSS in Notifications via saving Dashboards
Weaknesses		CWE-79
References		https://github.com/mautic/mautic/security/advisories/GHSA-fhcx-f7jg-jx3f
Metrics		cvssV3_1 `{'score': 4.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N'}`

MITRE

Status: PUBLISHED

Assigner: Mautic

Published: 2024-09-18T14:54:36.249Z

Updated: 2024-09-18T21:29:02.453Z

Reserved: 2022-02-22T20:17:36.805Z

Link: CVE-2022-25774

Vulnrichment

Updated: 2024-09-18T17:55:18.581Z

NVD

Status : Analyzed

Published: 2024-09-18T15:15:13.253

Modified: 2024-09-23T23:21:35.443

Link: CVE-2022-25774

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-25774", "assignerOrgId": "4e531c38-7a33-45d3-98dd-d909c0d8852e", "state": "PUBLISHED", "assignerShortName": "Mautic", "dateReserved": "2022-02-22T20:17:36.805Z", "datePublished": "2024-09-18T14:54:36.249Z", "dateUpdated": "2024-09-18T21:29:02.453Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://packagist.org", "defaultStatus": "unaffected", "packageName": "mautic/core", "product": "Mautic", "repo": "https://github.com/mautic/mautic", "vendor": "Mautic", "versions": [{"status": "affected", "version": "< 4.4.12"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "Vautia"}, {"lang": "en", "type": "remediation developer", "value": "Lenon Leite"}, {"lang": "en", "type": "remediation reviewer", "value": "Zdeno Kuzmany"}, {"lang": "en", "type": "remediation verifier", "value": "John Linhart"}], "datePublic": "2024-04-12T13:52:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Prior to the patched version, logged in users of Mautic are vulnerable to a self XSS vulnerability in the notifications within Mautic.</p><p>Users could inject malicious code into the notification when saving Dashboards.</p>"}], "value": "Prior to the patched version, logged in users of Mautic are vulnerable to a self XSS vulnerability in the notifications within Mautic.\n\nUsers could inject malicious code into the notification when saving Dashboards."}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "CAPEC-592 Stored XSS"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "4e531c38-7a33-45d3-98dd-d909c0d8852e", "shortName": "Mautic", "dateUpdated": "2024-09-18T21:29:02.453Z"}, "references": [{"url": "https://github.com/mautic/mautic/security/advisories/GHSA-fhcx-f7jg-jx3f"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update to 4.4.12 or later."}], "value": "Update to 4.4.12 or later."}], "source": {"advisory": "GHSA-fhcx-f7jg-jx3fv", "discovery": "EXTERNAL"}, "title": "XSS in Notifications via saving Dashboards", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-18T17:55:13.111344Z", "id": "CVE-2022-25774", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-18T17:55:21.765Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-25774", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-18T17:55:13.111344Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-18T17:55:18.581Z"}}], "cna": {"title": "XSS in Notifications via saving Dashboards", "source": {"advisory": "GHSA-fhcx-f7jg-jx3fv", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "Vautia"}, {"lang": "en", "type": "remediation developer", "value": "Lenon Leite"}, {"lang": "en", "type": "remediation reviewer", "value": "Zdeno Kuzmany"}, {"lang": "en", "type": "remediation verifier", "value": "John Linhart"}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "CAPEC-592 Stored XSS"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/mautic/mautic", "vendor": "Mautic", "product": "Mautic", "versions": [{"status": "affected", "version": "< 4.4.12"}], "packageName": "mautic/core", "collectionURL": "https://packagist.org", "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update to 4.4.12 or later.", "supportingMedia": [{"type": "text/html", "value": "Update to 4.4.12 or later.", "base64": false}]}], "datePublic": "2024-04-12T13:52:00.000Z", "references": [{"url": "https://github.com/mautic/mautic/security/advisories/GHSA-fhcx-f7jg-jx3f"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Prior to the patched version, logged in users of Mautic are vulnerable to a self XSS vulnerability in the notifications within Mautic.\n\nUsers could inject malicious code into the notification when saving Dashboards.", "supportingMedia": [{"type": "text/html", "value": "<p>Prior to the patched version, logged in users of Mautic are vulnerable to a self XSS vulnerability in the notifications within Mautic.</p><p>Users could inject malicious code into the notification when saving Dashboards.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "4e531c38-7a33-45d3-98dd-d909c0d8852e", "shortName": "Mautic", "dateUpdated": "2024-09-18T21:29:02.453Z"}}}, "cveMetadata": {"cveId": "CVE-2022-25774", "state": "PUBLISHED", "dateUpdated": "2024-09-18T21:29:02.453Z", "dateReserved": "2022-02-22T20:17:36.805Z", "assignerOrgId": "4e531c38-7a33-45d3-98dd-d909c0d8852e", "datePublished": "2024-09-18T14:54:36.249Z", "assignerShortName": "Mautic"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:acquia:mautic:*:*:*:*:*:*:*:*", "matchCriteriaId": "F31C5536-1D68-46A3-BB5D-08A0AADAD8B1", "versionEndExcluding": "4.4.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Prior to the patched version, logged in users of Mautic are vulnerable to a self XSS vulnerability in the notifications within Mautic.\n\nUsers could inject malicious code into the notification when saving Dashboards."}, {"lang": "es", "value": "Antes de la versi\u00f3n parcheada, los usuarios que hab\u00edan iniciado sesi\u00f3n en Mautic eran vulnerables a una vulnerabilidad XSS propia en las notificaciones dentro de Mautic. Los usuarios pod\u00edan inyectar c\u00f3digo malicioso en la notificaci\u00f3n al guardar los Dashboards."}], "id": "CVE-2022-25774", "lastModified": "2024-09-23T23:21:35.443", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "security@mautic.org", "type": "Secondary"}]}, "published": "2024-09-18T15:15:13.253", "references": [{"source": "security@mautic.org", "tags": ["Third Party Advisory"], "url": "https://github.com/mautic/mautic/security/advisories/GHSA-fhcx-f7jg-jx3f"}], "sourceIdentifier": "security@mautic.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@mautic.org", "type": "Secondary"}]}