Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.wso2.identity.apps/authentication-portal@1.2.243
Typemaven
Namespaceorg.wso2.identity.apps
Nameauthentication-portal
Version1.2.243
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.4.4
Latest_non_vulnerable_version2.4.4
Affected_by_vulnerabilities
0
url VCID-m328-h1sk-6yhn
vulnerability_id VCID-m328-h1sk-6yhn
summary 
A content spoofing vulnerability exists in multiple WSO2 products due to improper error message handling. Under certain conditions, error messages are passed through URL parameters without validation, allowing malicious actors to inject arbitrary content into the UI.

By exploiting this vulnerability, attackers can manipulate browser-displayed error messages, enabling social engineering attacks through deceptive or misleading content.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-6429
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.16075
published_at 2026-06-12T12:55:00Z
1
value 0.0005
scoring_system epss
scoring_elements 0.16053
published_at 2026-06-14T12:55:00Z
2
value 0.0005
scoring_system epss
scoring_elements 0.15934
published_at 2026-06-11T12:55:00Z
3
value 0.0005
scoring_system epss
scoring_elements 0.16086
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-6429
1
reference_url https://github.com/wso2/identity-apps
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/wso2/identity-apps
2
reference_url https://github.com/wso2/identity-apps/commit/75babf6b60f940f86bada7020e5d464ca95e47f2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/wso2/identity-apps/commit/75babf6b60f940f86bada7020e5d464ca95e47f2
3
reference_url https://github.com/wso2/identity-apps/pull/6488
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/wso2/identity-apps/pull/6488
4
reference_url https://github.com/wso2/identity-apps/releases/tag/@wso2is/identity-apps-core@2.4.4
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/wso2/identity-apps/releases/tag/@wso2is/identity-apps-core@2.4.4
5
reference_url https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3490
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3490
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-6429
reference_id CVE-2024-6429
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-6429
7
reference_url https://github.com/advisories/GHSA-r6f3-55wj-g9p3
reference_id GHSA-r6f3-55wj-g9p3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r6f3-55wj-g9p3
8
reference_url https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3490/
reference_id WSO2-2024-3490
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T18:31:05Z/
url https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3490/
fixed_packages
0
url pkg:maven/org.wso2.identity.apps/authentication-portal@2.4.4
purl pkg:maven/org.wso2.identity.apps/authentication-portal@2.4.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.wso2.identity.apps/authentication-portal@2.4.4
aliases CVE-2024-6429, GHSA-r6f3-55wj-g9p3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m328-h1sk-6yhn
1
url VCID-rjs4-b1gk-47c6
vulnerability_id VCID-rjs4-b1gk-47c6
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-6837
reference_id
reference_type
scores
0
value 0.00316
scoring_system epss
scoring_elements 0.55137
published_at 2026-06-11T12:55:00Z
1
value 0.00316
scoring_system epss
scoring_elements 0.55257
published_at 2026-06-12T12:55:00Z
2
value 0.00316
scoring_system epss
scoring_elements 0.55273
published_at 2026-06-13T12:55:00Z
3
value 0.00316
scoring_system epss
scoring_elements 0.55261
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-6837
1
reference_url https://github.com/wso2/carbon-identity-framework/commit/fdab609760784086b8a3f55f7acf46d977a03d79
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wso2/carbon-identity-framework/commit/fdab609760784086b8a3f55f7acf46d977a03d79
2
reference_url https://github.com/wso2/identity-apps/commit/1424203bbe81688d661ea8b8cd28e332302e1c53
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wso2/identity-apps/commit/1424203bbe81688d661ea8b8cd28e332302e1c53
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-6837
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-6837
4
reference_url https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2022/WSO2-2021-1573
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2022/WSO2-2021-1573
5
reference_url https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2022/WSO2-2021-1573/
reference_id
reference_type
scores
url https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2022/WSO2-2021-1573/
6
reference_url https://github.com/advisories/GHSA-f6jm-9pr8-9c3w
reference_id GHSA-f6jm-9pr8-9c3w
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f6jm-9pr8-9c3w
fixed_packages
0
url pkg:maven/org.wso2.identity.apps/authentication-portal@1.6.179.1
purl pkg:maven/org.wso2.identity.apps/authentication-portal@1.6.179.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.wso2.identity.apps/authentication-portal@1.6.179.1
1
url pkg:maven/org.wso2.identity.apps/authentication-portal@1.6.180
purl pkg:maven/org.wso2.identity.apps/authentication-portal@1.6.180
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-m328-h1sk-6yhn
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.wso2.identity.apps/authentication-portal@1.6.180
aliases CVE-2023-6837, GHSA-f6jm-9pr8-9c3w
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rjs4-b1gk-47c6
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.wso2.identity.apps/authentication-portal@1.2.243