{"id":"CVE-2022-40488","details":"ProcessWire v3.0.200 was discovered to contain a Cross-Site Request Forgery (CSRF).","aliases":["GHSA-vpwh-qmwc-2phg"],"modified":"2026-04-12T05:06:41.192880Z","published":"2022-10-31T12:15:10.307Z","references":[{"type":"ADVISORY","url":"http://processwire.com"},{"type":"FIX","url":"https://gist.github.com/filipaze/76138289ded98aa45dfcd939a8afd331"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/processwire/processwire","events":[{"introduced":"0"},{"last_affected":"3acd7709c1cfc1817579db00c2f608235bdfb1e7"}],"database_specific":{"cpe":"cpe:2.3:a:processwire:processwire:3.0.200:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"3.0.200"}],"source":"CPE_FIELD"}}],"versions":["3.0.123","3.0.148","3.0.164","3.0.165","3.0.184","3.0.200","3.0.34","3.0.35","3.0.36","3.0.39","3.0.41","3.0.42","3.0.61","3.0.62","3.0.96","3.0.98"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-40488.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}]}