Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/facturascripts/facturascripts@2022.6.0
Typecomposer
Namespacefacturascripts
Namefacturascripts
Version2022.6.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2022.4.0
Latest_non_vulnerable_version2025.81.0
Affected_by_vulnerabilities
0
url VCID-adxt-zxmy-6kg7
vulnerability_id VCID-adxt-zxmy-6kg7
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting - Reflected in Create Subaccount in GitHub repository neorazorx/facturascripts prior to 2022.07. This vulnerability can be arbitrarily executed javascript code to steal user'cookie, perform HTTP request, get content of `same origin` page, etc ...
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-1571
reference_id
reference_type
scores
0
value 0.00322
scoring_system epss
scoring_elements 0.55497
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-1571
1
reference_url https://github.com/neorazorx/facturascripts/commit/482c5a82b4d79e7a19614f5a67dc24593046cefd
reference_id
reference_type
scores
url https://github.com/neorazorx/facturascripts/commit/482c5a82b4d79e7a19614f5a67dc24593046cefd
2
reference_url https://huntr.dev/bounties/4578a690-73e5-4313-840c-ee15e5329741
reference_id
reference_type
scores
url https://huntr.dev/bounties/4578a690-73e5-4313-840c-ee15e5329741
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-1571
reference_id CVE-2022-1571
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-1571
4
reference_url https://github.com/advisories/GHSA-m8gv-gvhf-7rhp
reference_id GHSA-m8gv-gvhf-7rhp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m8gv-gvhf-7rhp
fixed_packages
0
url pkg:composer/facturascripts/facturascripts@2022.7.0
purl pkg:composer/facturascripts/facturascripts@2022.7.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/facturascripts/facturascripts@2022.7.0
aliases CVE-2022-1571, GHSA-m8gv-gvhf-7rhp
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-adxt-zxmy-6kg7
Fixing_vulnerabilities
0
url VCID-th7u-38d2-93h6
vulnerability_id VCID-th7u-38d2-93h6
summary 
Cross site scripting in FacturaScripts
Stored XSS via upload plugin functionality in zip format in GitHub repository neorazorx/facturascripts prior to 2022.06. Cross-site scripting attacks can have devastating consequences. Attackers can masquerade as authorized users via session cookies, allowing them to perform any action allowed by the user account.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-1514
reference_id
reference_type
scores
0
value 0.00395
scoring_system epss
scoring_elements 0.60656
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-1514
1
reference_url https://github.com/neorazorx/facturascripts/commit/aa9f28cb86467468f43486b77ddef7ff4d3c687e
reference_id
reference_type
scores
url https://github.com/neorazorx/facturascripts/commit/aa9f28cb86467468f43486b77ddef7ff4d3c687e
2
reference_url https://huntr.dev/bounties/4ae2a917-843a-4ae4-8197-8425a596761c
reference_id
reference_type
scores
url https://huntr.dev/bounties/4ae2a917-843a-4ae4-8197-8425a596761c
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-1514
reference_id CVE-2022-1514
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-1514
4
reference_url https://github.com/advisories/GHSA-p3w3-4ppm-c3f6
reference_id GHSA-p3w3-4ppm-c3f6
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p3w3-4ppm-c3f6
fixed_packages
0
url pkg:composer/facturascripts/facturascripts@2022.6.0
purl pkg:composer/facturascripts/facturascripts@2022.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-adxt-zxmy-6kg7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/facturascripts/facturascripts@2022.6.0
aliases CVE-2022-1514, GHSA-p3w3-4ppm-c3f6
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-th7u-38d2-93h6
1
url VCID-vgj5-cwfq-pyb7
vulnerability_id VCID-vgj5-cwfq-pyb7
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2065
reference_id
reference_type
scores
0
value 0.00267
scoring_system epss
scoring_elements 0.50377
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2065
1
reference_url https://github.com/neorazorx/facturascripts/commit/1d1edb40b40016d7fd2893b410b98569d7facca1
reference_id
reference_type
scores
url https://github.com/neorazorx/facturascripts/commit/1d1edb40b40016d7fd2893b410b98569d7facca1
2
reference_url https://huntr.dev/bounties/bcb44da4-d5c9-4830-924f-02d6defe6506
reference_id
reference_type
scores
url https://huntr.dev/bounties/bcb44da4-d5c9-4830-924f-02d6defe6506
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-2065
reference_id CVE-2022-2065
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-2065
4
reference_url https://github.com/advisories/GHSA-fp76-f299-v3hj
reference_id GHSA-fp76-f299-v3hj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fp76-f299-v3hj
fixed_packages
0
url pkg:composer/facturascripts/facturascripts@2022.6.0
purl pkg:composer/facturascripts/facturascripts@2022.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-adxt-zxmy-6kg7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/facturascripts/facturascripts@2022.6.0
aliases CVE-2022-2065, GHSA-fp76-f299-v3hj
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vgj5-cwfq-pyb7
2
url VCID-wb34-u2aw-17bb
vulnerability_id VCID-wb34-u2aw-17bb
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2066
reference_id
reference_type
scores
0
value 0.00371
scoring_system epss
scoring_elements 0.59213
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2066
1
reference_url https://github.com/neorazorx/facturascripts/commit/73a6595ca85984d65f656c6356fabb23d1936c54
reference_id
reference_type
scores
url https://github.com/neorazorx/facturascripts/commit/73a6595ca85984d65f656c6356fabb23d1936c54
2
reference_url https://huntr.dev/bounties/da4bbbfd-501f-4c7e-be83-47778103cb59
reference_id
reference_type
scores
url https://huntr.dev/bounties/da4bbbfd-501f-4c7e-be83-47778103cb59
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-2066
reference_id CVE-2022-2066
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-2066
4
reference_url https://github.com/advisories/GHSA-h6wm-mr85-4h9g
reference_id GHSA-h6wm-mr85-4h9g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h6wm-mr85-4h9g
fixed_packages
0
url pkg:composer/facturascripts/facturascripts@2022.6.0
purl pkg:composer/facturascripts/facturascripts@2022.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-adxt-zxmy-6kg7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/facturascripts/facturascripts@2022.6.0
aliases CVE-2022-2066, GHSA-h6wm-mr85-4h9g
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wb34-u2aw-17bb
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/facturascripts/facturascripts@2022.6.0