{"vulnerability": "cve-2025-22383", "sightings": [{"uuid": "913aae65-8d60-4618-881c-e58ab09cd759", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22383", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113767634090843012", "content": "", "creation_timestamp": "2025-01-04T02:05:31.286438Z"}, {"uuid": "e6b3c011-16cf-4224-a79a-6cb0a04cb2f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22383", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113767647016420013", "content": "", "creation_timestamp": "2025-01-04T02:08:50.015007Z"}, {"uuid": "26704974-8447-495c-8679-bb258c9908ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22383", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/169", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-79xq-2cpc-pjfm\n\ud83d\udd17 Aliases: CVE-2025-22383\n\ud83d\udd39 Details: An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity input validation issue exists in the Commerce B2B application, affecting the Contact Us functionality. This allows visitors to send e-mail messages that could contain unfiltered HTML markup in specific scenarios.\n\ud83d\udd22 Severity: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N\n\ud83d\uddd3\ufe0f Modified: 2025-01-06T15:30:59Z\n\ud83d\uddd3\ufe0f Published: 2025-01-04T03:33:08Z\n\ud83c\udff7\ufe0f CWE IDs: CWE-79\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2025-22383\n2. https://support.optimizely.com/hc/en-us/articles/32694923652493-Configured-Commerce-Security-Advisory-COM-2024-03", "creation_timestamp": "2025-01-06T15:37:32.000000Z"}, {"uuid": "ce4ca6d3-5b27-47b7-af97-85dfc4c2bef0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22383", "type": "seen", "source": "https://t.me/cvedetector/14258", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22383 - Optimizely Configured Commerce Email Markup Injection\", \n  \"Content\": \"CVE ID : CVE-2025-22383 \nPublished : Jan. 4, 2025, 2:15 a.m. | 28\u00a0minutes ago \nDescription : An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity input validation issue exists in the Commerce B2B application, affecting the Contact Us functionality. This allows visitors to send e-mail messages that could contain unfiltered HTML markup in specific scenarios. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-04T03:53:18.000000Z"}]}