Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/500075?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/500075?format=api", "purl": "pkg:composer/forkcms/forkcms@5.7.1", "type": "composer", "namespace": "forkcms", "name": "forkcms", "version": "5.7.1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "5.11.1", "latest_non_vulnerable_version": "5.11.1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/325490?format=api", "vulnerability_id": "VCID-3hj7-ythr-yuam", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-23960", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42711", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42871", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-23960" }, { "reference_url": "https://github.com/forkcms/forkcms/pull/3123", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms/pull/3123" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-23960", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-23960" }, { "reference_url": "https://www.fork-cms.com/blog/detail/fork-5.8.3-released", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.fork-cms.com/blog/detail/fork-5.8.3-released" }, { "reference_url": "https://github.com/advisories/GHSA-pvgf-mrr4-cw7r", "reference_id": "GHSA-pvgf-mrr4-cw7r", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pvgf-mrr4-cw7r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/19242?format=api", "purl": "pkg:composer/forkcms/forkcms@5.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bst-csr9-nqc5" }, { "vulnerability": "VCID-9s32-dkgr-tyb4" }, { "vulnerability": "VCID-a5ur-bdkw-v7cp" }, { "vulnerability": "VCID-a85x-t9uk-2kg8" }, { "vulnerability": "VCID-e6wj-8fte-hqds" }, { "vulnerability": "VCID-fcqm-mep8-vqdr" }, { "vulnerability": "VCID-h6yg-1d43-yycc" }, { "vulnerability": "VCID-vrms-fwp5-w3e9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/forkcms/forkcms@5.8.3" } ], "aliases": [ "CVE-2020-23960", "GHSA-pvgf-mrr4-cw7r" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3hj7-ythr-yuam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/208586?format=api", "vulnerability_id": "VCID-6bst-csr9-nqc5", "summary": "SQL Injection in Fork CMS", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0153", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.50965", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.50832", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0153" }, { "reference_url": "https://github.com/forkcms/forkcms", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms" }, { "reference_url": "https://github.com/forkcms/forkcms/commit/7a12046a67ae5d8cf04face3ee75e55f03a1a608", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms/commit/7a12046a67ae5d8cf04face3ee75e55f03a1a608" }, { "reference_url": "https://huntr.dev/bounties/841503dd-311c-470a-a8ec-d4579b3274eb", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://huntr.dev/bounties/841503dd-311c-470a-a8ec-d4579b3274eb" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0153", "reference_id": "CVE-2022-0153", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0153" }, { "reference_url": "https://github.com/advisories/GHSA-q863-cchm-c6c6", "reference_id": "GHSA-q863-cchm-c6c6", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q863-cchm-c6c6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/19836?format=api", "purl": "pkg:composer/forkcms/forkcms@5.11.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/forkcms/forkcms@5.11.1" } ], "aliases": [ "CVE-2022-0153", "GHSA-q863-cchm-c6c6" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6bst-csr9-nqc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/208060?format=api", "vulnerability_id": "VCID-8xyp-phxj-87eq", "summary": "Cross-site scripting in forkcms", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-23263", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.59247", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.59135", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-23263" }, { "reference_url": "https://github.com/forkcms/forkcms/pull/3093", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms/pull/3093" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-23263", "reference_id": "CVE-2020-23263", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-23263" }, { "reference_url": "https://github.com/advisories/GHSA-vp4x-94ff-2cmv", "reference_id": "GHSA-vp4x-94ff-2cmv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vp4x-94ff-2cmv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/19242?format=api", "purl": "pkg:composer/forkcms/forkcms@5.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bst-csr9-nqc5" }, { "vulnerability": "VCID-9s32-dkgr-tyb4" }, { "vulnerability": "VCID-a5ur-bdkw-v7cp" }, { "vulnerability": "VCID-a85x-t9uk-2kg8" }, { "vulnerability": "VCID-e6wj-8fte-hqds" }, { "vulnerability": "VCID-fcqm-mep8-vqdr" }, { "vulnerability": "VCID-h6yg-1d43-yycc" }, { "vulnerability": "VCID-vrms-fwp5-w3e9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/forkcms/forkcms@5.8.3" } ], "aliases": [ "CVE-2020-23263", "GHSA-vp4x-94ff-2cmv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8xyp-phxj-87eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/211188?format=api", "vulnerability_id": "VCID-9s32-dkgr-tyb4", "summary": "ForkCMS XSS via `end_date` parameter", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35590", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41039", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40873", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35590" }, { "reference_url": "https://github.com/forkcms/forkcms", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms" }, { "reference_url": "https://github.com/forkcms/forkcms/commit/76bf739e01f697e10c1277b9726e39b9705be296", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms/commit/76bf739e01f697e10c1277b9726e39b9705be296" }, { "reference_url": "https://huntr.dev/bounties/4-other-forkcms", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://huntr.dev/bounties/4-other-forkcms" }, { "reference_url": "https://huntr.dev/bounties/4-other-forkcms/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://huntr.dev/bounties/4-other-forkcms/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35590", "reference_id": "CVE-2022-35590", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35590" }, { "reference_url": "https://github.com/advisories/GHSA-pw4j-r69m-rrr5", "reference_id": "GHSA-pw4j-r69m-rrr5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pw4j-r69m-rrr5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25759?format=api", "purl": "pkg:composer/forkcms/forkcms@5.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bst-csr9-nqc5" }, { "vulnerability": "VCID-a5ur-bdkw-v7cp" }, { "vulnerability": "VCID-h6yg-1d43-yycc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/forkcms/forkcms@5.11.0" } ], "aliases": [ "CVE-2022-35590", "GHSA-pw4j-r69m-rrr5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9s32-dkgr-tyb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/208591?format=api", "vulnerability_id": "VCID-a5ur-bdkw-v7cp", "summary": "Cross-site Scripting in Fork CMS", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0145", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00346", "scoring_system": "epss", "scoring_elements": "0.57636", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00346", "scoring_system": "epss", "scoring_elements": "0.5752", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0145" }, { "reference_url": "https://github.com/forkcms/forkcms", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms" }, { "reference_url": "https://github.com/forkcms/forkcms/commit/981730f1a3d59b423ca903b1f4bf79b848a1766e", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms/commit/981730f1a3d59b423ca903b1f4bf79b848a1766e" }, { "reference_url": "https://huntr.dev/bounties/b5b8c680-3cd9-4477-bcd9-3a29657ba7ba", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://huntr.dev/bounties/b5b8c680-3cd9-4477-bcd9-3a29657ba7ba" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0145", "reference_id": "CVE-2022-0145", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0145" }, { "reference_url": "https://github.com/advisories/GHSA-qf2g-q4mc-w7rr", "reference_id": "GHSA-qf2g-q4mc-w7rr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qf2g-q4mc-w7rr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/19836?format=api", "purl": "pkg:composer/forkcms/forkcms@5.11.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/forkcms/forkcms@5.11.1" } ], "aliases": [ "CVE-2022-0145", "GHSA-qf2g-q4mc-w7rr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a5ur-bdkw-v7cp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/211189?format=api", "vulnerability_id": "VCID-a85x-t9uk-2kg8", "summary": "ForkCMS stored XSS via `start_date` parameter", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35585", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.46101", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45956", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35585" }, { "reference_url": "https://github.com/forkcms/forkcms", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms" }, { "reference_url": "https://github.com/forkcms/forkcms/commit/76bf739e01f697e10c1277b9726e39b9705be296", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms/commit/76bf739e01f697e10c1277b9726e39b9705be296" }, { "reference_url": "https://huntr.dev/bounties/5-other-forkcms", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://huntr.dev/bounties/5-other-forkcms" }, { "reference_url": "https://huntr.dev/bounties/5-other-forkcms/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://huntr.dev/bounties/5-other-forkcms/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35585", "reference_id": "CVE-2022-35585", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35585" }, { "reference_url": "https://github.com/advisories/GHSA-9hmc-87h4-w869", "reference_id": "GHSA-9hmc-87h4-w869", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9hmc-87h4-w869" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25759?format=api", "purl": "pkg:composer/forkcms/forkcms@5.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bst-csr9-nqc5" }, { "vulnerability": "VCID-a5ur-bdkw-v7cp" }, { "vulnerability": "VCID-h6yg-1d43-yycc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/forkcms/forkcms@5.11.0" } ], "aliases": [ "CVE-2022-35585", "GHSA-9hmc-87h4-w869" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a85x-t9uk-2kg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/211190?format=api", "vulnerability_id": "VCID-e6wj-8fte-hqds", "summary": "ForkCMS XSS via `publish_on_date` parameter", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35587", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.46101", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45956", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35587" }, { "reference_url": "https://github.com/forkcms/forkcms", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms" }, { "reference_url": "https://github.com/forkcms/forkcms/commit/76bf739e01f697e10c1277b9726e39b9705be296", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms/commit/76bf739e01f697e10c1277b9726e39b9705be296" }, { "reference_url": "https://huntr.dev/bounties/6-other-forkcms", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://huntr.dev/bounties/6-other-forkcms" }, { "reference_url": "https://huntr.dev/bounties/6-other-forkcms/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://huntr.dev/bounties/6-other-forkcms/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35587", "reference_id": "CVE-2022-35587", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35587" }, { "reference_url": "https://github.com/advisories/GHSA-65wf-qm95-6mhm", "reference_id": "GHSA-65wf-qm95-6mhm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-65wf-qm95-6mhm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25759?format=api", "purl": "pkg:composer/forkcms/forkcms@5.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bst-csr9-nqc5" }, { "vulnerability": "VCID-a5ur-bdkw-v7cp" }, { "vulnerability": "VCID-h6yg-1d43-yycc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/forkcms/forkcms@5.11.0" } ], "aliases": [ "CVE-2022-35587", "GHSA-65wf-qm95-6mhm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6wj-8fte-hqds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/338334?format=api", "vulnerability_id": "VCID-fcqm-mep8-vqdr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28931", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62565", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62666", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28931" }, { "reference_url": "https://github.com/bousalman/ForkCMS-arbitrary-upload/blob/main/README.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bousalman/ForkCMS-arbitrary-upload/blob/main/README.md" }, { "reference_url": "https://github.com/forkcms/forkcms/pull/3351", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms/pull/3351" }, { "reference_url": "https://github.com/forkcms/forkcms/releases/tag/5.9.2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms/releases/tag/5.9.2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28931", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28931" }, { "reference_url": "https://github.com/advisories/GHSA-748f-wv76-x9hg", "reference_id": "GHSA-748f-wv76-x9hg", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-748f-wv76-x9hg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/382659?format=api", "purl": "pkg:composer/forkcms/forkcms@5.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bst-csr9-nqc5" }, { "vulnerability": "VCID-9s32-dkgr-tyb4" }, { "vulnerability": "VCID-a5ur-bdkw-v7cp" }, { "vulnerability": "VCID-a85x-t9uk-2kg8" }, { "vulnerability": "VCID-e6wj-8fte-hqds" }, { "vulnerability": "VCID-h6yg-1d43-yycc" }, { "vulnerability": "VCID-vrms-fwp5-w3e9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/forkcms/forkcms@5.9.3" } ], "aliases": [ "CVE-2021-28931", "GHSA-748f-wv76-x9hg" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fcqm-mep8-vqdr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/325253?format=api", "vulnerability_id": "VCID-gjm9-w6ra-n3dt", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-23049", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51849", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51979", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-23049" }, { "reference_url": "https://github.com/forkcms/forkcms", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms" }, { "reference_url": "https://github.com/forkcms/forkcms/commit/6ec6171206a7507a39695edc8bbd1b97ef1041c6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms/commit/6ec6171206a7507a39695edc8bbd1b97ef1041c6" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-23049", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-23049" }, { "reference_url": "https://www.vulnerability-lab.com/get_content.php?id=2208", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.vulnerability-lab.com/get_content.php?id=2208" }, { "reference_url": "https://github.com/advisories/GHSA-3374-7h99-xr85", "reference_id": "GHSA-3374-7h99-xr85", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3374-7h99-xr85" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/382226?format=api", "purl": "pkg:composer/forkcms/forkcms@5.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hj7-ythr-yuam" }, { "vulnerability": "VCID-6bst-csr9-nqc5" }, { "vulnerability": "VCID-8xyp-phxj-87eq" }, { "vulnerability": "VCID-9s32-dkgr-tyb4" }, { "vulnerability": "VCID-a5ur-bdkw-v7cp" }, { "vulnerability": "VCID-a85x-t9uk-2kg8" }, { "vulnerability": "VCID-e6wj-8fte-hqds" }, { "vulnerability": "VCID-fcqm-mep8-vqdr" }, { "vulnerability": "VCID-h6yg-1d43-yycc" }, { "vulnerability": "VCID-ha8d-wb4r-6fc2" }, { "vulnerability": "VCID-pzmp-qkwq-kbad" }, { "vulnerability": "VCID-vrms-fwp5-w3e9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/forkcms/forkcms@5.8.1" } ], "aliases": [ "CVE-2020-23049", "GHSA-3374-7h99-xr85" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gjm9-w6ra-n3dt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/208597?format=api", "vulnerability_id": "VCID-h6yg-1d43-yycc", "summary": "SQL Injection in Fork CMS", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1064", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53638", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53512", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1064" }, { "reference_url": "https://github.com/forkcms/forkcms", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms" }, { "reference_url": "https://github.com/forkcms/forkcms/commit/6aca30e10b4181534f73f96d6e2ebeb45ec15069", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms/commit/6aca30e10b4181534f73f96d6e2ebeb45ec15069" }, { "reference_url": "https://huntr.dev/bounties/2f664985-c5fc-485b-b4fc-4c401be2cf40", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://huntr.dev/bounties/2f664985-c5fc-485b-b4fc-4c401be2cf40" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1064", "reference_id": "CVE-2022-1064", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1064" }, { "reference_url": "https://github.com/advisories/GHSA-rr8m-29g8-8cgc", "reference_id": "GHSA-rr8m-29g8-8cgc", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rr8m-29g8-8cgc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/19836?format=api", "purl": "pkg:composer/forkcms/forkcms@5.11.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/forkcms/forkcms@5.11.1" } ], "aliases": [ "CVE-2022-1064", "GHSA-rr8m-29g8-8cgc" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h6yg-1d43-yycc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/325304?format=api", "vulnerability_id": "VCID-ha8d-wb4r-6fc2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-23264", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29162", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29362", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-23264" }, { "reference_url": "https://github.com/forkcms/forkcms/pull/3123", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms/pull/3123" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-23264", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-23264" }, { "reference_url": "https://github.com/advisories/GHSA-82xf-8h9p-c6qj", "reference_id": "GHSA-82xf-8h9p-c6qj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-82xf-8h9p-c6qj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/383251?format=api", "purl": "pkg:composer/forkcms/forkcms@5.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hj7-ythr-yuam" }, { "vulnerability": "VCID-6bst-csr9-nqc5" }, { "vulnerability": "VCID-8xyp-phxj-87eq" }, { "vulnerability": "VCID-9s32-dkgr-tyb4" }, { "vulnerability": "VCID-a5ur-bdkw-v7cp" }, { "vulnerability": "VCID-a85x-t9uk-2kg8" }, { "vulnerability": "VCID-e6wj-8fte-hqds" }, { "vulnerability": "VCID-fcqm-mep8-vqdr" }, { "vulnerability": "VCID-h6yg-1d43-yycc" }, { "vulnerability": "VCID-pzmp-qkwq-kbad" }, { "vulnerability": "VCID-vrms-fwp5-w3e9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/forkcms/forkcms@5.8.2" } ], "aliases": [ "CVE-2020-23264", "GHSA-82xf-8h9p-c6qj" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ha8d-wb4r-6fc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/322209?format=api", "vulnerability_id": "VCID-pzmp-qkwq-kbad", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13633", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47527", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47668", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13633" }, { "reference_url": "https://github.com/forkcms/forkcms", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms" }, { "reference_url": "https://github.com/forkcms/forkcms/commit/b88f8a2033a4b9b4cbfce96c85691aafb021819d", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms/commit/b88f8a2033a4b9b4cbfce96c85691aafb021819d" }, { "reference_url": "https://github.com/forkcms/forkcms/pull/3093", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms/pull/3093" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13633", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13633" }, { "reference_url": "https://github.com/advisories/GHSA-74gc-hf33-5353", "reference_id": "GHSA-74gc-hf33-5353", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-74gc-hf33-5353" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/19242?format=api", "purl": "pkg:composer/forkcms/forkcms@5.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bst-csr9-nqc5" }, { "vulnerability": "VCID-9s32-dkgr-tyb4" }, { "vulnerability": "VCID-a5ur-bdkw-v7cp" }, { "vulnerability": "VCID-a85x-t9uk-2kg8" }, { "vulnerability": "VCID-e6wj-8fte-hqds" }, { "vulnerability": "VCID-fcqm-mep8-vqdr" }, { "vulnerability": "VCID-h6yg-1d43-yycc" }, { "vulnerability": "VCID-vrms-fwp5-w3e9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/forkcms/forkcms@5.8.3" } ], "aliases": [ "CVE-2020-13633", "GHSA-74gc-hf33-5353" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pzmp-qkwq-kbad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/211191?format=api", "vulnerability_id": "VCID-vrms-fwp5-w3e9", "summary": "ForkCMS XSS via `publish_on_time` parameter", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35589", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41039", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40873", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35589" }, { "reference_url": "https://github.com/forkcms/forkcms", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms" }, { "reference_url": "https://github.com/forkcms/forkcms/commit/76bf739e01f697e10c1277b9726e39b9705be296", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/forkcms/forkcms/commit/76bf739e01f697e10c1277b9726e39b9705be296" }, { "reference_url": "https://huntr.dev/bounties/7-other-forkcms", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://huntr.dev/bounties/7-other-forkcms" }, { "reference_url": "https://huntr.dev/bounties/7-other-forkcms/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://huntr.dev/bounties/7-other-forkcms/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35589", "reference_id": "CVE-2022-35589", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35589" }, { "reference_url": "https://github.com/advisories/GHSA-q4qv-3x58-rxmh", "reference_id": "GHSA-q4qv-3x58-rxmh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q4qv-3x58-rxmh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25759?format=api", "purl": "pkg:composer/forkcms/forkcms@5.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6bst-csr9-nqc5" }, { "vulnerability": "VCID-a5ur-bdkw-v7cp" }, { "vulnerability": "VCID-h6yg-1d43-yycc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/forkcms/forkcms@5.11.0" } ], "aliases": [ "CVE-2022-35589", "GHSA-q4qv-3x58-rxmh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vrms-fwp5-w3e9" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/forkcms/forkcms@5.7.1" }