Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@7.0-milestone-2

Type maven

Namespace org.xwiki.platform

Name xwiki-platform-web-templates

Version 7.0-milestone-2

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 12.10.11

Latest_non_vulnerable_version 17.10.1

Affected_by_vulnerabilities

url VCID-b75w-1jeb-hbeq

vulnerability_id VCID-b75w-1jeb-hbeq

summary

XWiki Affected by Reflected Cross-Site Scripting (XSS) in Error Messages
A reflected cross site scripting (XSS) vulnerability in XWiki allows an attacker to execute arbitrary actions in XWiki with the rights of the victim if the attacker manages to trick a victim into visiting a crafted URL. If the victim has administrative or programming rights, those rights can be exploited to gain full access to the XWiki installation.

references

reference_url

https://github.com/xwiki/xwiki-platform

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/xwiki/xwiki-platform

reference_url

https://github.com/xwiki/xwiki-platform/commit/8337ac8c3b19c37f306723b638b2cae8b0a57dbf

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/xwiki/xwiki-platform/commit/8337ac8c3b19c37f306723b638b2cae8b0a57dbf

reference_url

https://github.com/xwiki/xwiki-platform/commit/8337ac8c3b19c37f306723b638b2cae8b0a57dbf#diff-8f16efedd19baae025db602d8736a105bfd8f72676af2c935b8195a0c356ee71

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/xwiki/xwiki-platform/commit/8337ac8c3b19c37f306723b638b2cae8b0a57dbf#diff-8f16efedd19baae025db602d8736a105bfd8f72676af2c935b8195a0c356ee71

reference_url

https://github.com/xwiki/xwiki-platform/releases/tag/xwiki-platform-16.10.12

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/xwiki/xwiki-platform/releases/tag/xwiki-platform-16.10.12

reference_url

https://github.com/xwiki/xwiki-platform/releases/tag/xwiki-platform-17.4.5

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/xwiki/xwiki-platform/releases/tag/xwiki-platform-17.4.5

reference_url

https://github.com/xwiki/xwiki-platform/releases/tag/xwiki-platform-17.8.0-rc-1

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/xwiki/xwiki-platform/releases/tag/xwiki-platform-17.8.0-rc-1

reference_url

https://jira.xwiki.org/browse/XWIKI-23462

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://jira.xwiki.org/browse/XWIKI-23462

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-24128

reference_id

CVE-2026-24128

reference_type

scores

value	6.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-24128

reference_url	https://github.com/advisories/GHSA-wvqx-m5px-6cmp
reference_id	GHSA-wvqx-m5px-6cmp
reference_type
scores
url	https://github.com/advisories/GHSA-wvqx-m5px-6cmp

reference_url

https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-wvqx-m5px-6cmp

reference_id

GHSA-wvqx-m5px-6cmp

reference_type

scores

value	6.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-wvqx-m5px-6cmp

fixed_packages

url	pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@16.10.12
purl	pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@16.10.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@16.10.12

url	pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@17.4.5
purl	pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@17.4.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@17.4.5

url	pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@17.8.0-rc-1
purl	pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@17.8.0-rc-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@17.8.0-rc-1

aliases CVE-2026-24128, GHSA-wvqx-m5px-6cmp

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b75w-1jeb-hbeq

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@7.0-milestone-2

Package Instance