Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/112604?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112604?format=api", "vulnerability_id": "VCID-82dv-za7h-dfd8", "summary": "A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited.", "aliases": [ { "alias": "CVE-2025-10909" }, { "alias": "GHSA-4c44-r8rm-3p39" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/856513?format=api", "purl": "pkg:composer/novosga/novosga@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.2.10" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/856450?format=api", "purl": "pkg:composer/novosga/novosga@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/856451?format=api", "purl": "pkg:composer/novosga/novosga@1.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/856452?format=api", "purl": "pkg:composer/novosga/novosga@1.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/856453?format=api", "purl": "pkg:composer/novosga/novosga@1.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/856454?format=api", "purl": "pkg:composer/novosga/novosga@1.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/856455?format=api", "purl": "pkg:composer/novosga/novosga@1.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/856456?format=api", "purl": "pkg:composer/novosga/novosga@1.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/856457?format=api", "purl": "pkg:composer/novosga/novosga@1.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/856458?format=api", "purl": "pkg:composer/novosga/novosga@1.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/856459?format=api", "purl": "pkg:composer/novosga/novosga@1.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/856460?format=api", "purl": "pkg:composer/novosga/novosga@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/856461?format=api", "purl": "pkg:composer/novosga/novosga@1.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/856462?format=api", "purl": "pkg:composer/novosga/novosga@1.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/856463?format=api", "purl": "pkg:composer/novosga/novosga@1.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/856464?format=api", "purl": "pkg:composer/novosga/novosga@1.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/856465?format=api", "purl": "pkg:composer/novosga/novosga@1.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.3.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/856466?format=api", "purl": "pkg:composer/novosga/novosga@1.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/856467?format=api", "purl": "pkg:composer/novosga/novosga@1.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/856468?format=api", "purl": "pkg:composer/novosga/novosga@1.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/856469?format=api", "purl": "pkg:composer/novosga/novosga@1.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/856470?format=api", "purl": "pkg:composer/novosga/novosga@1.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@1.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/856471?format=api", "purl": "pkg:composer/novosga/novosga@2.0.0-BETA1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.0-BETA1" }, { "url": "http://public2.vulnerablecode.io/api/packages/856472?format=api", "purl": "pkg:composer/novosga/novosga@2.0.0-BETA2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.0-BETA2" }, { "url": "http://public2.vulnerablecode.io/api/packages/856473?format=api", "purl": "pkg:composer/novosga/novosga@2.0.0-BETA3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.0-BETA3" }, { "url": "http://public2.vulnerablecode.io/api/packages/856474?format=api", "purl": "pkg:composer/novosga/novosga@2.0.0-BETA4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.0-BETA4" }, { "url": "http://public2.vulnerablecode.io/api/packages/856475?format=api", "purl": "pkg:composer/novosga/novosga@2.0.0-BETA5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.0-BETA5" }, { "url": "http://public2.vulnerablecode.io/api/packages/856476?format=api", "purl": "pkg:composer/novosga/novosga@2.0.0-BETA6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.0-BETA6" }, { "url": "http://public2.vulnerablecode.io/api/packages/856477?format=api", "purl": "pkg:composer/novosga/novosga@2.0.0-RC1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.0-RC1" }, { "url": "http://public2.vulnerablecode.io/api/packages/856478?format=api", "purl": "pkg:composer/novosga/novosga@2.0.0-RC2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.0-RC2" }, { "url": "http://public2.vulnerablecode.io/api/packages/856479?format=api", "purl": "pkg:composer/novosga/novosga@2.0.0-RC3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.0-RC3" }, { "url": "http://public2.vulnerablecode.io/api/packages/856480?format=api", "purl": "pkg:composer/novosga/novosga@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/856481?format=api", "purl": "pkg:composer/novosga/novosga@2.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/856482?format=api", "purl": "pkg:composer/novosga/novosga@2.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/856483?format=api", "purl": "pkg:composer/novosga/novosga@2.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/856484?format=api", "purl": "pkg:composer/novosga/novosga@2.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/856485?format=api", "purl": "pkg:composer/novosga/novosga@2.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/856486?format=api", "purl": "pkg:composer/novosga/novosga@2.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/856487?format=api", "purl": "pkg:composer/novosga/novosga@2.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/856488?format=api", "purl": "pkg:composer/novosga/novosga@2.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/856489?format=api", "purl": "pkg:composer/novosga/novosga@2.0.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/856490?format=api", "purl": "pkg:composer/novosga/novosga@2.0.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/856491?format=api", "purl": "pkg:composer/novosga/novosga@2.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/856492?format=api", "purl": "pkg:composer/novosga/novosga@2.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/856493?format=api", "purl": "pkg:composer/novosga/novosga@2.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/856494?format=api", "purl": "pkg:composer/novosga/novosga@2.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/856495?format=api", "purl": "pkg:composer/novosga/novosga@2.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/856496?format=api", "purl": "pkg:composer/novosga/novosga@2.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/856497?format=api", "purl": "pkg:composer/novosga/novosga@2.1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/856498?format=api", "purl": "pkg:composer/novosga/novosga@2.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/856499?format=api", "purl": "pkg:composer/novosga/novosga@2.1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.1.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/856500?format=api", "purl": "pkg:composer/novosga/novosga@2.1.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.1.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/856501?format=api", "purl": "pkg:composer/novosga/novosga@2.1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/856502?format=api", "purl": "pkg:composer/novosga/novosga@2.2.0-beta.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.2.0-beta.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/856503?format=api", "purl": "pkg:composer/novosga/novosga@2.2.0-beta.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.2.0-beta.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/856504?format=api", "purl": "pkg:composer/novosga/novosga@2.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/856505?format=api", "purl": "pkg:composer/novosga/novosga@2.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/856506?format=api", "purl": "pkg:composer/novosga/novosga@2.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/856507?format=api", "purl": "pkg:composer/novosga/novosga@2.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/856508?format=api", "purl": "pkg:composer/novosga/novosga@2.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/856509?format=api", "purl": "pkg:composer/novosga/novosga@2.2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/856510?format=api", "purl": "pkg:composer/novosga/novosga@2.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/856511?format=api", "purl": "pkg:composer/novosga/novosga@2.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/856512?format=api", "purl": "pkg:composer/novosga/novosga@2.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33931?format=api", "purl": "pkg:composer/novosga/novosga@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82dv-za7h-dfd8" }, { "vulnerability": "VCID-84x4-ssdc-u7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/novosga/novosga@2.2.9" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10909", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02618", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02612", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02622", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10909" }, { "reference_url": "https://github.com/novosga/novosga", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N" }, { "value": "1.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/novosga/novosga" }, { "reference_url": "https://hackmd.io/@noka/B1qwCyR9ll", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N" }, { "value": "1.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://hackmd.io/@noka/B1qwCyR9ll" }, { "reference_url": "https://hackmd.io/@noka/B1qwCyR9ll#%E2%9E%A4-Payload", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N" }, { "value": "1.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://hackmd.io/@noka/B1qwCyR9ll#%E2%9E%A4-Payload" }, { "reference_url": "https://vuldb.com/?ctiid.325696", "reference_id": "?ctiid.325696", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:M/C:N/I:P/A:N/E:POC/RL:ND/RC:C" }, { "value": "2.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C" }, { "value": "2.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N" }, { "value": "2.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N" }, { "value": "2.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C" }, { "value": "1.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T17:50:37Z/" } ], "url": "https://vuldb.com/?ctiid.325696" }, { "reference_url": "https://karinagante.github.io/cve-2025-10909/", "reference_id": "cve-2025-10909", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:M/C:N/I:P/A:N/E:POC/RL:ND/RC:C" }, { "value": "2.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C" }, { "value": "2.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N" }, { "value": "2.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T17:50:37Z/" } ], "url": "https://karinagante.github.io/cve-2025-10909/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10909", "reference_id": "CVE-2025-10909", "reference_type": "", "scores": [ { "value": "2.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N" }, { "value": "1.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10909" }, { "reference_url": "https://github.com/advisories/GHSA-4c44-r8rm-3p39", "reference_id": "GHSA-4c44-r8rm-3p39", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4c44-r8rm-3p39" }, { "reference_url": "https://vuldb.com/?id.325696", "reference_id": "?id.325696", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:M/C:N/I:P/A:N/E:POC/RL:ND/RC:C" }, { "value": "2.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C" }, { "value": "2.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N" }, { "value": "2.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C" }, { "value": "2.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N" }, { "value": "1.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T17:50:37Z/" } ], "url": "https://vuldb.com/?id.325696" }, { "reference_url": "https://karinagante.github.io/cve-2025-10909/#proof-of-concept-poc", "reference_id": "#proof-of-concept-poc", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:M/C:N/I:P/A:N/E:POC/RL:ND/RC:C" }, { "value": "2.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C" }, { "value": "2.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N" }, { "value": "2.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T17:50:37Z/" } ], "url": "https://karinagante.github.io/cve-2025-10909/#proof-of-concept-poc" }, { "reference_url": "https://vuldb.com/?submit.651379", "reference_id": "?submit.651379", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:M/C:N/I:P/A:N/E:POC/RL:ND/RC:C" }, { "value": "2.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C" }, { "value": "2.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N" }, { "value": "2.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C" }, { "value": "2.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N" }, { "value": "1.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T17:50:37Z/" } ], "url": "https://vuldb.com/?submit.651379" } ], "weaknesses": [ { "cwe_id": 79, "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "description": "The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users." }, { "cwe_id": 94, "name": "Improper Control of Generation of Code ('Code Injection')", "description": "The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "0.1 - 4.8", "exploitability": "0.5", "weighted_severity": "4.3", "risk_score": 2.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-82dv-za7h-dfd8" }