Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/typo3/cms@4.5.40
Typecomposer
Namespacetypo3
Namecms
Version4.5.40
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version10.4.35
Latest_non_vulnerable_version12.2.0
Affected_by_vulnerabilities
0
url VCID-b5ht-z6zp-pbht
vulnerability_id VCID-b5ht-z6zp-pbht
summary 
Cross-Site Scripting Vulnerability
It has been discovered, that it is possible to forge a link to a backend module, which contains a JavaScript payload. This JavaScript is executed, if an authenticated editor with access to the module follows the link that, is tricked to click on a certain HTML target. Because TYPO3 include a secret token unknown to an attacker in every URL, an exploit would not be feasible for these versions.
references
0
reference_url http://packetstormsecurity.com/files/133551/Typo3-CMS-6.2.14-4.5.40-Cross-Site-Scripting.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/133551/Typo3-CMS-6.2.14-4.5.40-Cross-Site-Scripting.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5956
reference_id
reference_type
scores
0
value 0.00169
scoring_system epss
scoring_elements 0.38086
published_at 2026-04-21T12:55:00Z
1
value 0.00169
scoring_system epss
scoring_elements 0.38157
published_at 2026-04-08T12:55:00Z
2
value 0.00169
scoring_system epss
scoring_elements 0.38165
published_at 2026-04-09T12:55:00Z
3
value 0.00169
scoring_system epss
scoring_elements 0.38184
published_at 2026-04-11T12:55:00Z
4
value 0.00169
scoring_system epss
scoring_elements 0.38149
published_at 2026-04-12T12:55:00Z
5
value 0.00169
scoring_system epss
scoring_elements 0.38124
published_at 2026-04-13T12:55:00Z
6
value 0.00169
scoring_system epss
scoring_elements 0.3817
published_at 2026-04-16T12:55:00Z
7
value 0.00169
scoring_system epss
scoring_elements 0.38151
published_at 2026-04-18T12:55:00Z
8
value 0.00169
scoring_system epss
scoring_elements 0.38035
published_at 2026-04-01T12:55:00Z
9
value 0.00169
scoring_system epss
scoring_elements 0.38215
published_at 2026-04-02T12:55:00Z
10
value 0.00169
scoring_system epss
scoring_elements 0.38238
published_at 2026-04-04T12:55:00Z
11
value 0.00169
scoring_system epss
scoring_elements 0.38107
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5956
2
reference_url http://seclists.org/fulldisclosure/2015/Sep/57
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2015/Sep/57
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2015-5956.yaml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2015-5956.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5956
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5956
5
reference_url https://review.typo3.org/#/c/43122/
reference_id
reference_type
scores
url https://review.typo3.org/#/c/43122/
6
reference_url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009
7
reference_url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009/
reference_id
reference_type
scores
url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009/
8
reference_url http://www.securityfocus.com/archive/1/536464/100/0/threaded
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/536464/100/0/threaded
9
reference_url http://www.securitytracker.com/id/1033551
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1033551
10
reference_url https://github.com/advisories/GHSA-989h-wv8x-933p
reference_id GHSA-989h-wv8x-933p
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-989h-wv8x-933p
fixed_packages
0
url pkg:composer/typo3/cms@6.2.15
purl pkg:composer/typo3/cms@6.2.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bnd-6xsq-nbec
1
vulnerability VCID-1jcy-nx8g-z3d3
2
vulnerability VCID-1ng4-5tkh-g7h5
3
vulnerability VCID-1qjx-grvf-y7bk
4
vulnerability VCID-25t3-1sm6-3kdn
5
vulnerability VCID-3m2z-stmy-u7hm
6
vulnerability VCID-3m53-kkk2-j7c2
7
vulnerability VCID-435j-f3yx-9yep
8
vulnerability VCID-48jz-wwt8-33hx
9
vulnerability VCID-5jgb-dsyx-hyb4
10
vulnerability VCID-5ppt-avmb-cqb2
11
vulnerability VCID-6pvx-1qan-ukef
12
vulnerability VCID-6wsa-4ywc-8fh4
13
vulnerability VCID-7d1g-j3k5-gub8
14
vulnerability VCID-8jp8-a363-67be
15
vulnerability VCID-b715-6z6c-qqar
16
vulnerability VCID-bck9-34jp-6ydx
17
vulnerability VCID-buax-rz7x-r7c2
18
vulnerability VCID-c6zq-cfg5-u7d9
19
vulnerability VCID-cczn-x8q7-k7ba
20
vulnerability VCID-cjgc-q6p5-2ydc
21
vulnerability VCID-dp6j-gnk4-rkd5
22
vulnerability VCID-dsu7-jjjq-f3e1
23
vulnerability VCID-f4pm-9tq5-q3ch
24
vulnerability VCID-f963-qur3-2qb7
25
vulnerability VCID-fber-yp9q-f7dr
26
vulnerability VCID-fqbx-7xyq-fkav
27
vulnerability VCID-g4ak-ertr-rya6
28
vulnerability VCID-gcnj-6qb6-pbgz
29
vulnerability VCID-gezz-pvpj-p3c6
30
vulnerability VCID-gnna-yjv5-cya2
31
vulnerability VCID-gspd-apwy-efgu
32
vulnerability VCID-h2dd-7b1r-k7bs
33
vulnerability VCID-h958-d3pm-kfcs
34
vulnerability VCID-heyy-me7v-jyf5
35
vulnerability VCID-hkk9-f78q-xqd2
36
vulnerability VCID-hv3n-j8ck-1ufx
37
vulnerability VCID-jmu3-5k7e-x7ch
38
vulnerability VCID-jqx9-41zx-dbcy
39
vulnerability VCID-kqbk-4q4z-nkec
40
vulnerability VCID-kuq7-h4ex-tkgc
41
vulnerability VCID-m3nf-1qbv-d3dj
42
vulnerability VCID-m43j-8zeh-47gz
43
vulnerability VCID-mc8q-fhyf-ekfj
44
vulnerability VCID-mhud-kq57-nka3
45
vulnerability VCID-mqk6-z77g-bfdv
46
vulnerability VCID-n61z-6v8a-hygf
47
vulnerability VCID-nnh9-udcj-m7fv
48
vulnerability VCID-npn5-rand-q3dg
49
vulnerability VCID-nwxj-3ajk-rkh5
50
vulnerability VCID-p1u9-66hm-47er
51
vulnerability VCID-p545-vwe6-9kfr
52
vulnerability VCID-pgzu-kxuj-j3fh
53
vulnerability VCID-prbd-r82t-87dm
54
vulnerability VCID-q6dx-uskc-y3hs
55
vulnerability VCID-q9ak-qcq6-qfhy
56
vulnerability VCID-qemc-8kj8-r3cd
57
vulnerability VCID-re8y-zb3u-57h2
58
vulnerability VCID-re9h-ze98-rbhu
59
vulnerability VCID-rg5d-d8nc-9qfu
60
vulnerability VCID-rkms-w15c-4yb1
61
vulnerability VCID-s49m-kyu7-vbee
62
vulnerability VCID-s8h9-rdvk-9yfp
63
vulnerability VCID-sszj-qy2p-ebbd
64
vulnerability VCID-u347-jazz-zke4
65
vulnerability VCID-u7nx-p1g7-cqhw
66
vulnerability VCID-uckg-j48d-efad
67
vulnerability VCID-uj89-13ub-43fz
68
vulnerability VCID-utpu-q2dv-m3hm
69
vulnerability VCID-w5pn-eb7y-1kdp
70
vulnerability VCID-wq32-kgff-gke8
71
vulnerability VCID-ww44-zmx7-47ft
72
vulnerability VCID-xa4m-xpa9-v7h8
73
vulnerability VCID-xwtv-48ph-6fb6
74
vulnerability VCID-z41h-5mem-gfc7
75
vulnerability VCID-z5qq-nwn5-tqgm
76
vulnerability VCID-zdq2-dhb2-6kaq
77
vulnerability VCID-zeku-t9fv-kych
78
vulnerability VCID-zp3u-ukzs-ukf6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.15
1
url pkg:composer/typo3/cms@7.4.0
purl pkg:composer/typo3/cms@7.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ng4-5tkh-g7h5
1
vulnerability VCID-28bf-jvah-zkhw
2
vulnerability VCID-5jgb-dsyx-hyb4
3
vulnerability VCID-5paq-5frf-43ed
4
vulnerability VCID-6b5q-vzs3-pkcc
5
vulnerability VCID-6pvx-1qan-ukef
6
vulnerability VCID-bajy-qbwq-fufn
7
vulnerability VCID-bnne-7p2q-eqd2
8
vulnerability VCID-buax-rz7x-r7c2
9
vulnerability VCID-bxjw-7426-gyb8
10
vulnerability VCID-cczn-x8q7-k7ba
11
vulnerability VCID-cjgc-q6p5-2ydc
12
vulnerability VCID-dbrh-t8zx-nkd9
13
vulnerability VCID-dm97-51uu-r7gw
14
vulnerability VCID-dsu7-jjjq-f3e1
15
vulnerability VCID-ehzg-bzrd-kbcc
16
vulnerability VCID-f4pm-9tq5-q3ch
17
vulnerability VCID-gcnj-6qb6-pbgz
18
vulnerability VCID-h958-d3pm-kfcs
19
vulnerability VCID-jmu3-5k7e-x7ch
20
vulnerability VCID-jqx9-41zx-dbcy
21
vulnerability VCID-kqbk-4q4z-nkec
22
vulnerability VCID-mnz3-rj21-67ad
23
vulnerability VCID-n15v-ta9h-6ffb
24
vulnerability VCID-n78p-x7hh-gqcf
25
vulnerability VCID-nwxj-3ajk-rkh5
26
vulnerability VCID-pgzu-kxuj-j3fh
27
vulnerability VCID-pk8d-8u15-5bfq
28
vulnerability VCID-q6dx-uskc-y3hs
29
vulnerability VCID-qemc-8kj8-r3cd
30
vulnerability VCID-rdrs-mhaw-b3ge
31
vulnerability VCID-sr3p-pdxy-4yhu
32
vulnerability VCID-t3jn-vwbx-u7cr
33
vulnerability VCID-tmrt-6fxw-5ugh
34
vulnerability VCID-tw1y-t4qj-j3d1
35
vulnerability VCID-vndb-w8e1-4ugv
36
vulnerability VCID-wr5t-xqnn-gkcj
37
vulnerability VCID-ww44-zmx7-47ft
38
vulnerability VCID-wxps-mnue-6bbh
39
vulnerability VCID-xa4m-xpa9-v7h8
40
vulnerability VCID-xqew-bx7v-1qfk
41
vulnerability VCID-y32z-2d3f-gkgw
42
vulnerability VCID-zdq2-dhb2-6kaq
43
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.4.0
aliases CVE-2015-5956, GHSA-989h-wv8x-933p
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b5ht-z6zp-pbht
Fixing_vulnerabilities
Risk_score1.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.5.40