Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/73595?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/73595?format=api", "purl": "pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@16.10.12", "type": "maven", "namespace": "org.xwiki.platform", "name": "xwiki-platform-web-templates", "version": "16.10.12", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "17.4.2", "latest_non_vulnerable_version": "17.8.0-rc-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49827?format=api", "vulnerability_id": "VCID-b75w-1jeb-hbeq", "summary": "XWiki Affected by Reflected Cross-Site Scripting (XSS) in Error Messages\nA reflected cross site scripting (XSS) vulnerability in XWiki allows an attacker to execute arbitrary actions in XWiki with the rights of the victim if the attacker manages to trick a victim into visiting a crafted URL. If the victim has administrative or programming rights, those rights can be exploited to gain full access to the XWiki installation.", "references": [ { "reference_url": "https://github.com/xwiki/xwiki-platform", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/xwiki/xwiki-platform" }, { "reference_url": "https://github.com/xwiki/xwiki-platform/commit/8337ac8c3b19c37f306723b638b2cae8b0a57dbf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/xwiki/xwiki-platform/commit/8337ac8c3b19c37f306723b638b2cae8b0a57dbf" }, { "reference_url": "https://github.com/xwiki/xwiki-platform/commit/8337ac8c3b19c37f306723b638b2cae8b0a57dbf#diff-8f16efedd19baae025db602d8736a105bfd8f72676af2c935b8195a0c356ee71", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/xwiki/xwiki-platform/commit/8337ac8c3b19c37f306723b638b2cae8b0a57dbf#diff-8f16efedd19baae025db602d8736a105bfd8f72676af2c935b8195a0c356ee71" }, { "reference_url": "https://github.com/xwiki/xwiki-platform/releases/tag/xwiki-platform-16.10.12", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/xwiki/xwiki-platform/releases/tag/xwiki-platform-16.10.12" }, { "reference_url": "https://github.com/xwiki/xwiki-platform/releases/tag/xwiki-platform-17.4.5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/xwiki/xwiki-platform/releases/tag/xwiki-platform-17.4.5" }, { "reference_url": "https://github.com/xwiki/xwiki-platform/releases/tag/xwiki-platform-17.8.0-rc-1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/xwiki/xwiki-platform/releases/tag/xwiki-platform-17.8.0-rc-1" }, { "reference_url": "https://jira.xwiki.org/browse/XWIKI-23462", "reference_id": "", "reference_type": "", "scores": [], "url": "https://jira.xwiki.org/browse/XWIKI-23462" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24128", "reference_id": "CVE-2026-24128", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24128" }, { "reference_url": "https://github.com/advisories/GHSA-wvqx-m5px-6cmp", "reference_id": "GHSA-wvqx-m5px-6cmp", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-wvqx-m5px-6cmp" }, { "reference_url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-wvqx-m5px-6cmp", "reference_id": "GHSA-wvqx-m5px-6cmp", "reference_type": "", "scores": [], "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-wvqx-m5px-6cmp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73595?format=api", "purl": "pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@16.10.12", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@16.10.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/73596?format=api", "purl": "pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@17.4.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@17.4.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/73597?format=api", "purl": "pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@17.8.0-rc-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@17.8.0-rc-1" } ], "aliases": [ "CVE-2026-24128", "GHSA-wvqx-m5px-6cmp" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b75w-1jeb-hbeq" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.xwiki.platform/xwiki-platform-web-templates@16.10.12" }