Moderate severityNVD Advisory· Published Dec 10, 2022· Updated Apr 15, 2025

RDFlib pyrdfa3 init.py _get_option cross site scripting

CVE-2022-4396

Description

A vulnerability was found in RDFlib pyrdfa3 and classified as problematic. This issue affects the function _get_option of the file pyRdfa/__init__.py. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is ffd1d62dd50d5f4190013b39cedcdfbd81f3ce3e. It is recommended to apply a patch to fix this issue. The identifier VDB-215249 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
pyRdfa3PyPI	< 3.6.2	3.6.2

Affected products

ghsa-coords
pkg:pypi/pyrdfa3
Range: < 3.6.2
RDFlib/pyrdfa3v5
Range: n/a

Patches

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/advisories/GHSA-894q-wpg5-mf2hghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2022-4396ghsaADVISORY
github.com/RDFLib/pyrdfa3/commit/ffd1d62dd50d5f4190013b39cedcdfbd81f3ce3eghsaWEB
github.com/RDFLib/pyrdfa3/issues/38ghsaWEB
github.com/RDFLib/pyrdfa3/pull/40ghsaWEB
vuldb.comghsaWEB

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000