Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-gccz-1apc-nbc7
SummaryCross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7.
Aliases
0
alias CVE-2023-2516
1
alias GHSA-2ffp-w665-9mgx
Fixed_packages
Affected_packages
0
url pkg:composer/nilsteampassnet/teampass@2.1.21
purl pkg:composer/nilsteampassnet/teampass@2.1.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1dkf-xbbk-d7ej
1
vulnerability VCID-3ep8-e51b-wygf
2
vulnerability VCID-7uys-bmga-vyf6
3
vulnerability VCID-8ccd-ebn8-w7ca
4
vulnerability VCID-9b52-k67m-7fb9
5
vulnerability VCID-a7h6-fstf-kqee
6
vulnerability VCID-atka-cwfk-1qft
7
vulnerability VCID-f256-8ace-tkfz
8
vulnerability VCID-f4pc-cnmz-xuds
9
vulnerability VCID-fq8k-9rzx-d3h9
10
vulnerability VCID-gapw-p82p-5ffg
11
vulnerability VCID-gccz-1apc-nbc7
12
vulnerability VCID-ge6p-wb66-23h1
13
vulnerability VCID-h7b6-7zyw-2ubd
14
vulnerability VCID-hsc2-ujdn-akd9
15
vulnerability VCID-hytp-ymst-wydu
16
vulnerability VCID-j45n-ee9b-jkfu
17
vulnerability VCID-jfjy-mp8x-7bay
18
vulnerability VCID-kasr-phan-wfe1
19
vulnerability VCID-nerp-rft5-e7hu
20
vulnerability VCID-nrku-7gg1-x7dc
21
vulnerability VCID-p8s7-qwsb-sucm
22
vulnerability VCID-rkke-dz1k-qke7
23
vulnerability VCID-s72e-wwmn-5udy
24
vulnerability VCID-sbzn-52hj-2fem
25
vulnerability VCID-sddd-pv7u-pkeh
26
vulnerability VCID-ttgj-91qs-1kb1
27
vulnerability VCID-vbq8-3npj-fudc
28
vulnerability VCID-veg8-behu-43g4
29
vulnerability VCID-vsm8-3aay-zugs
30
vulnerability VCID-w3sd-njh7-dka9
31
vulnerability VCID-w9n1-5spr-3yd5
32
vulnerability VCID-yjg1-e2zq-qbh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@2.1.21
1
url pkg:composer/nilsteampassnet/teampass@2.1.26
purl pkg:composer/nilsteampassnet/teampass@2.1.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1dkf-xbbk-d7ej
1
vulnerability VCID-3ep8-e51b-wygf
2
vulnerability VCID-7uys-bmga-vyf6
3
vulnerability VCID-8ccd-ebn8-w7ca
4
vulnerability VCID-9b52-k67m-7fb9
5
vulnerability VCID-a7h6-fstf-kqee
6
vulnerability VCID-apxy-13pc-33e1
7
vulnerability VCID-atka-cwfk-1qft
8
vulnerability VCID-f256-8ace-tkfz
9
vulnerability VCID-f4pc-cnmz-xuds
10
vulnerability VCID-fq8k-9rzx-d3h9
11
vulnerability VCID-gapw-p82p-5ffg
12
vulnerability VCID-gccz-1apc-nbc7
13
vulnerability VCID-ge6p-wb66-23h1
14
vulnerability VCID-h7b6-7zyw-2ubd
15
vulnerability VCID-hsc2-ujdn-akd9
16
vulnerability VCID-hytp-ymst-wydu
17
vulnerability VCID-j45n-ee9b-jkfu
18
vulnerability VCID-jfjy-mp8x-7bay
19
vulnerability VCID-kasr-phan-wfe1
20
vulnerability VCID-nerp-rft5-e7hu
21
vulnerability VCID-p8s7-qwsb-sucm
22
vulnerability VCID-rkke-dz1k-qke7
23
vulnerability VCID-s72e-wwmn-5udy
24
vulnerability VCID-sbzn-52hj-2fem
25
vulnerability VCID-sddd-pv7u-pkeh
26
vulnerability VCID-ttgj-91qs-1kb1
27
vulnerability VCID-vbq8-3npj-fudc
28
vulnerability VCID-veg8-behu-43g4
29
vulnerability VCID-vsm8-3aay-zugs
30
vulnerability VCID-w3sd-njh7-dka9
31
vulnerability VCID-yjg1-e2zq-qbh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@2.1.26
2
url pkg:composer/nilsteampassnet/teampass@2.1.27
purl pkg:composer/nilsteampassnet/teampass@2.1.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1dkf-xbbk-d7ej
1
vulnerability VCID-3ep8-e51b-wygf
2
vulnerability VCID-7uys-bmga-vyf6
3
vulnerability VCID-8ccd-ebn8-w7ca
4
vulnerability VCID-9b52-k67m-7fb9
5
vulnerability VCID-a7h6-fstf-kqee
6
vulnerability VCID-atka-cwfk-1qft
7
vulnerability VCID-f256-8ace-tkfz
8
vulnerability VCID-f4pc-cnmz-xuds
9
vulnerability VCID-fq8k-9rzx-d3h9
10
vulnerability VCID-gapw-p82p-5ffg
11
vulnerability VCID-gccz-1apc-nbc7
12
vulnerability VCID-ge6p-wb66-23h1
13
vulnerability VCID-h7b6-7zyw-2ubd
14
vulnerability VCID-hsc2-ujdn-akd9
15
vulnerability VCID-hytp-ymst-wydu
16
vulnerability VCID-j45n-ee9b-jkfu
17
vulnerability VCID-jfjy-mp8x-7bay
18
vulnerability VCID-kasr-phan-wfe1
19
vulnerability VCID-nerp-rft5-e7hu
20
vulnerability VCID-p8s7-qwsb-sucm
21
vulnerability VCID-rkke-dz1k-qke7
22
vulnerability VCID-s72e-wwmn-5udy
23
vulnerability VCID-sbzn-52hj-2fem
24
vulnerability VCID-sddd-pv7u-pkeh
25
vulnerability VCID-ttgj-91qs-1kb1
26
vulnerability VCID-vbq8-3npj-fudc
27
vulnerability VCID-veg8-behu-43g4
28
vulnerability VCID-vsm8-3aay-zugs
29
vulnerability VCID-w3sd-njh7-dka9
30
vulnerability VCID-yjg1-e2zq-qbh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@2.1.27
3
url pkg:composer/nilsteampassnet/teampass@3.0.0
purl pkg:composer/nilsteampassnet/teampass@3.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1dkf-xbbk-d7ej
1
vulnerability VCID-3ep8-e51b-wygf
2
vulnerability VCID-7uys-bmga-vyf6
3
vulnerability VCID-8ccd-ebn8-w7ca
4
vulnerability VCID-9b52-k67m-7fb9
5
vulnerability VCID-a7h6-fstf-kqee
6
vulnerability VCID-f4pc-cnmz-xuds
7
vulnerability VCID-fq8k-9rzx-d3h9
8
vulnerability VCID-gapw-p82p-5ffg
9
vulnerability VCID-gccz-1apc-nbc7
10
vulnerability VCID-hsc2-ujdn-akd9
11
vulnerability VCID-j45n-ee9b-jkfu
12
vulnerability VCID-jfjy-mp8x-7bay
13
vulnerability VCID-nerp-rft5-e7hu
14
vulnerability VCID-p8s7-qwsb-sucm
15
vulnerability VCID-s72e-wwmn-5udy
16
vulnerability VCID-sbzn-52hj-2fem
17
vulnerability VCID-ttgj-91qs-1kb1
18
vulnerability VCID-vbq8-3npj-fudc
19
vulnerability VCID-vsm8-3aay-zugs
20
vulnerability VCID-w3sd-njh7-dka9
21
vulnerability VCID-yjg1-e2zq-qbh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@3.0.0
4
url pkg:composer/nilsteampassnet/teampass@3.0.0.10
purl pkg:composer/nilsteampassnet/teampass@3.0.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1dkf-xbbk-d7ej
1
vulnerability VCID-3ep8-e51b-wygf
2
vulnerability VCID-7uys-bmga-vyf6
3
vulnerability VCID-8ccd-ebn8-w7ca
4
vulnerability VCID-9b52-k67m-7fb9
5
vulnerability VCID-a7h6-fstf-kqee
6
vulnerability VCID-f4pc-cnmz-xuds
7
vulnerability VCID-fq8k-9rzx-d3h9
8
vulnerability VCID-gapw-p82p-5ffg
9
vulnerability VCID-gccz-1apc-nbc7
10
vulnerability VCID-hsc2-ujdn-akd9
11
vulnerability VCID-j45n-ee9b-jkfu
12
vulnerability VCID-jfjy-mp8x-7bay
13
vulnerability VCID-nerp-rft5-e7hu
14
vulnerability VCID-p8s7-qwsb-sucm
15
vulnerability VCID-s72e-wwmn-5udy
16
vulnerability VCID-sbzn-52hj-2fem
17
vulnerability VCID-ttgj-91qs-1kb1
18
vulnerability VCID-vbq8-3npj-fudc
19
vulnerability VCID-vsm8-3aay-zugs
20
vulnerability VCID-w3sd-njh7-dka9
21
vulnerability VCID-yjg1-e2zq-qbh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@3.0.0.10
5
url pkg:composer/nilsteampassnet/teampass@3.0.0.11
purl pkg:composer/nilsteampassnet/teampass@3.0.0.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1dkf-xbbk-d7ej
1
vulnerability VCID-3ep8-e51b-wygf
2
vulnerability VCID-7uys-bmga-vyf6
3
vulnerability VCID-8ccd-ebn8-w7ca
4
vulnerability VCID-9b52-k67m-7fb9
5
vulnerability VCID-a7h6-fstf-kqee
6
vulnerability VCID-f4pc-cnmz-xuds
7
vulnerability VCID-fq8k-9rzx-d3h9
8
vulnerability VCID-gapw-p82p-5ffg
9
vulnerability VCID-gccz-1apc-nbc7
10
vulnerability VCID-hsc2-ujdn-akd9
11
vulnerability VCID-j45n-ee9b-jkfu
12
vulnerability VCID-jfjy-mp8x-7bay
13
vulnerability VCID-nerp-rft5-e7hu
14
vulnerability VCID-p8s7-qwsb-sucm
15
vulnerability VCID-s72e-wwmn-5udy
16
vulnerability VCID-sbzn-52hj-2fem
17
vulnerability VCID-ttgj-91qs-1kb1
18
vulnerability VCID-vbq8-3npj-fudc
19
vulnerability VCID-vsm8-3aay-zugs
20
vulnerability VCID-w3sd-njh7-dka9
21
vulnerability VCID-yjg1-e2zq-qbh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@3.0.0.11
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-2516
reference_id
reference_type
scores
0
value 0.00633
scoring_system epss
scoring_elements 0.70925
published_at 2026-06-12T12:55:00Z
1
value 0.00633
scoring_system epss
scoring_elements 0.70835
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-2516
1
reference_url https://github.com/nilsteampassnet/teampass
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/nilsteampassnet/teampass
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-2516
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-2516
3
reference_url https://huntr.dev/bounties/19470f0b-7094-4339-8d4a-4b5570b54716
reference_id 19470f0b-7094-4339-8d4a-4b5570b54716
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-29T17:14:46Z/
url https://huntr.dev/bounties/19470f0b-7094-4339-8d4a-4b5570b54716
4
reference_url https://github.com/nilsteampassnet/teampass/commit/39b774cba118ca5383b0a51a71b1e7dea2761927
reference_id 39b774cba118ca5383b0a51a71b1e7dea2761927
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-29T17:14:46Z/
url https://github.com/nilsteampassnet/teampass/commit/39b774cba118ca5383b0a51a71b1e7dea2761927
5
reference_url https://github.com/advisories/GHSA-2ffp-w665-9mgx
reference_id GHSA-2ffp-w665-9mgx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2ffp-w665-9mgx
Weaknesses
0
cwe_id 79
name Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
1
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-gccz-1apc-nbc7