{"uuid": "26704974-8447-495c-8679-bb258c9908ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22383", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/169", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-79xq-2cpc-pjfm\n\ud83d\udd17 Aliases: CVE-2025-22383\n\ud83d\udd39 Details: An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity input validation issue exists in the Commerce B2B application, affecting the Contact Us functionality. This allows visitors to send e-mail messages that could contain unfiltered HTML markup in specific scenarios.\n\ud83d\udd22 Severity: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N\n\ud83d\uddd3\ufe0f Modified: 2025-01-06T15:30:59Z\n\ud83d\uddd3\ufe0f Published: 2025-01-04T03:33:08Z\n\ud83c\udff7\ufe0f CWE IDs: CWE-79\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2025-22383\n2. https://support.optimizely.com/hc/en-us/articles/32694923652493-Configured-Commerce-Security-Advisory-COM-2024-03", "creation_timestamp": "2025-01-06T15:37:32.000000Z"}