Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-59zz-tmvz-sqgm

Summary

ExtJS JavaScript framework used in TYPO3 vulnerable to Cross-site Scripting
Failing to properly validate the HTTP host-header TYPO3 CMS is susceptible to host spoofing. TYPO3 uses the HTTP host-header to generate absolute URLs in several places like 404 handling, http(s) enforcement, password reset links and many more. Since the host header itself is provided by the client it can be forged to any value, even in a name based virtual hosts environment. A blog post describes this problem in great detail.

Aliases

alias	GHSA-mxjf-hc9v-xgv2

Fixed_packages

url pkg:composer/typo3/cms@6.2.3

purl pkg:composer/typo3/cms@6.2.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bnd-6xsq-nbec

vulnerability	VCID-1jcy-nx8g-z3d3

vulnerability	VCID-1ng4-5tkh-g7h5

vulnerability	VCID-1qjx-grvf-y7bk

vulnerability	VCID-25t3-1sm6-3kdn

vulnerability	VCID-2rhx-afay-97da

vulnerability	VCID-37wu-bjfj-k7eg

vulnerability	VCID-3m2z-stmy-u7hm

vulnerability	VCID-3m53-kkk2-j7c2

vulnerability	VCID-435j-f3yx-9yep

vulnerability	VCID-48jz-wwt8-33hx

vulnerability	VCID-4etp-u4pt-v7hm

vulnerability	VCID-51ba-3ag9-rucn

vulnerability	VCID-5jgb-dsyx-hyb4

vulnerability	VCID-5ppt-avmb-cqb2

vulnerability	VCID-6gms-w48j-4ffh

vulnerability	VCID-6pvx-1qan-ukef

vulnerability	VCID-6spw-66jg-syb1

vulnerability	VCID-6wsa-4ywc-8fh4

vulnerability	VCID-7d1g-j3k5-gub8

vulnerability	VCID-7ngg-6yuz-jkge

vulnerability	VCID-7zx9-8afq-y3hc

vulnerability	VCID-8jp8-a363-67be

vulnerability	VCID-99uu-rfrf-bqa7

vulnerability	VCID-adk5-989d-jkc9

vulnerability	VCID-asym-tgh2-1kg8

vulnerability	VCID-b45y-dr1a-7qd7

vulnerability	VCID-b5ht-z6zp-pbht

vulnerability	VCID-b715-6z6c-qqar

vulnerability	VCID-bck9-34jp-6ydx

vulnerability	VCID-buax-rz7x-r7c2

vulnerability	VCID-c6zq-cfg5-u7d9

vulnerability	VCID-cczn-x8q7-k7ba

vulnerability	VCID-cjgc-q6p5-2ydc

vulnerability	VCID-ck23-cxn6-bbf3

vulnerability	VCID-dp6j-gnk4-rkd5

vulnerability	VCID-dsu7-jjjq-f3e1

vulnerability	VCID-f4pm-9tq5-q3ch

vulnerability	VCID-f963-qur3-2qb7

vulnerability	VCID-fber-yp9q-f7dr

vulnerability	VCID-fqbx-7xyq-fkav

vulnerability	VCID-g4ak-ertr-rya6

vulnerability	VCID-gcnj-6qb6-pbgz

vulnerability	VCID-gezz-pvpj-p3c6

vulnerability	VCID-gnna-yjv5-cya2

vulnerability	VCID-gspd-apwy-efgu

vulnerability	VCID-h2dd-7b1r-k7bs

vulnerability	VCID-h958-d3pm-kfcs

vulnerability	VCID-heyy-me7v-jyf5

vulnerability	VCID-hkk9-f78q-xqd2

vulnerability	VCID-hpju-vhzg-jyes

vulnerability	VCID-hv3n-j8ck-1ufx

vulnerability	VCID-jmu3-5k7e-x7ch

vulnerability	VCID-jqx9-41zx-dbcy

vulnerability	VCID-kgcq-paqm-9ya6

vulnerability	VCID-kpze-14jy-xud9

vulnerability	VCID-kqbk-4q4z-nkec

vulnerability	VCID-kuq7-h4ex-tkgc

vulnerability	VCID-m3nf-1qbv-d3dj

vulnerability	VCID-m43j-8zeh-47gz

vulnerability	VCID-mc8q-fhyf-ekfj

vulnerability	VCID-mhud-kq57-nka3

vulnerability	VCID-mqk6-z77g-bfdv

vulnerability	VCID-n61z-6v8a-hygf

vulnerability	VCID-nbzv-ppzf-53ae

vulnerability	VCID-ne8w-dpjw-7qf1

vulnerability	VCID-nnh9-udcj-m7fv

vulnerability	VCID-npn5-rand-q3dg

vulnerability	VCID-nwxj-3ajk-rkh5

vulnerability	VCID-p1u9-66hm-47er

vulnerability	VCID-p545-vwe6-9kfr

vulnerability	VCID-pgzu-kxuj-j3fh

vulnerability	VCID-prbd-r82t-87dm

vulnerability	VCID-q6dx-uskc-y3hs

vulnerability	VCID-q9ak-qcq6-qfhy

vulnerability	VCID-qemc-8kj8-r3cd

vulnerability	VCID-re8y-zb3u-57h2

vulnerability	VCID-re9h-ze98-rbhu

vulnerability	VCID-rg5d-d8nc-9qfu

vulnerability	VCID-rkms-w15c-4yb1

vulnerability	VCID-rwgf-2pfh-ufdz

vulnerability	VCID-s49m-kyu7-vbee

vulnerability	VCID-s8h9-rdvk-9yfp

vulnerability	VCID-se8w-fv8x-tqde

vulnerability	VCID-sszj-qy2p-ebbd

vulnerability	VCID-u347-jazz-zke4

vulnerability	VCID-u7nx-p1g7-cqhw

vulnerability	VCID-uckg-j48d-efad

vulnerability	VCID-uj89-13ub-43fz

vulnerability	VCID-utpu-q2dv-m3hm

vulnerability	VCID-vbbx-pk8m-jfhd

vulnerability	VCID-w5pn-eb7y-1kdp

vulnerability	VCID-wq32-kgff-gke8

vulnerability	VCID-ww44-zmx7-47ft

vulnerability	VCID-xa4m-xpa9-v7h8

vulnerability	VCID-xhq3-ts9t-sbdy

vulnerability	VCID-xkpp-psz2-2kag

vulnerability	VCID-xp55-jxjr-zqcb

vulnerability	VCID-xwtv-48ph-6fb6

vulnerability	VCID-z41h-5mem-gfc7

100

vulnerability	VCID-z5qq-nwn5-tqgm

101

vulnerability	VCID-zdq2-dhb2-6kaq

102

vulnerability	VCID-zeku-t9fv-kych

103

vulnerability	VCID-zp3u-ukzs-ukf6

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.3

Affected_packages

url pkg:composer/typo3/cms@4.5.0

purl pkg:composer/typo3/cms@4.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1c26-d6gv-4ud4

vulnerability	VCID-2zuf-yf2d-t3hg

vulnerability	VCID-57cn-dmzh-4kdq

vulnerability	VCID-59zz-tmvz-sqgm

vulnerability	VCID-88ng-ph1q-cybw

vulnerability	VCID-8fcj-b2dq-3qav

vulnerability	VCID-93v3-exum-5qf5

vulnerability	VCID-99uu-rfrf-bqa7

vulnerability	VCID-9j2h-q1n5-kbgt

vulnerability	VCID-b7s9-hkwv-63ht

vulnerability	VCID-d79s-4kzk-hugy

vulnerability	VCID-dban-xxn2-f3b2

vulnerability	VCID-fprf-zjud-8fcv

vulnerability	VCID-fv74-gq28-rkd5

vulnerability	VCID-g75m-m11u-7fbj

vulnerability	VCID-hpju-vhzg-jyes

vulnerability	VCID-jb2j-eygc-n7b7

vulnerability	VCID-jk5g-64sn-ffgx

vulnerability	VCID-m3dg-q4eg-wyfb

vulnerability	VCID-n177-3cym-d7e7

vulnerability	VCID-nvd8-5j51-2yeg

vulnerability	VCID-p8m8-y53c-cubn

vulnerability	VCID-tu8v-rv87-wfa3

vulnerability	VCID-v3xx-f132-g3hn

vulnerability	VCID-vbbx-pk8m-jfhd

vulnerability	VCID-xb19-n4s4-rqc9

vulnerability	VCID-xns2-f7um-qqgn

vulnerability	VCID-y6zm-rwrr-m3ah

vulnerability	VCID-y9d1-wwne-hba5

vulnerability	VCID-ybdc-993m-aqfu

vulnerability	VCID-yk4b-baue-rkbt

vulnerability	VCID-yytp-t23g-wkc8

vulnerability	VCID-zbvd-rppy-gyab

vulnerability	VCID-zqqe-vew2-nbfk

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.5.0

url pkg:composer/typo3/cms@4.7.0

purl pkg:composer/typo3/cms@4.7.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-57cn-dmzh-4kdq

vulnerability	VCID-59zz-tmvz-sqgm

vulnerability	VCID-8fcj-b2dq-3qav

vulnerability	VCID-9j2h-q1n5-kbgt

vulnerability	VCID-b7s9-hkwv-63ht

vulnerability	VCID-d79s-4kzk-hugy

vulnerability	VCID-dban-xxn2-f3b2

vulnerability	VCID-g75m-m11u-7fbj

vulnerability	VCID-hpju-vhzg-jyes

vulnerability	VCID-jb2j-eygc-n7b7

vulnerability	VCID-m3dg-q4eg-wyfb

vulnerability	VCID-p8m8-y53c-cubn

vulnerability	VCID-v3xx-f132-g3hn

vulnerability	VCID-vbbx-pk8m-jfhd

vulnerability	VCID-xns2-f7um-qqgn

vulnerability	VCID-y6zm-rwrr-m3ah

vulnerability	VCID-y9d1-wwne-hba5

vulnerability	VCID-yytp-t23g-wkc8

vulnerability	VCID-zbvd-rppy-gyab

vulnerability	VCID-zqqe-vew2-nbfk

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.7.0

url pkg:composer/typo3/cms@6.1.0

purl pkg:composer/typo3/cms@6.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59zz-tmvz-sqgm

vulnerability	VCID-635d-efe6-bbgm

vulnerability	VCID-9j2h-q1n5-kbgt

vulnerability	VCID-d79s-4kzk-hugy

vulnerability	VCID-hpju-vhzg-jyes

vulnerability	VCID-m3dg-q4eg-wyfb

vulnerability	VCID-nsh9-8twn-6ydn

vulnerability	VCID-p8m8-y53c-cubn

vulnerability	VCID-vbbx-pk8m-jfhd

vulnerability	VCID-y9d1-wwne-hba5

vulnerability	VCID-zqqe-vew2-nbfk

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.0

url pkg:composer/typo3/cms@6.2.0

purl pkg:composer/typo3/cms@6.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-133h-9erq-2fhy

vulnerability	VCID-1bnd-6xsq-nbec

vulnerability	VCID-1jcy-nx8g-z3d3

vulnerability	VCID-1ng4-5tkh-g7h5

vulnerability	VCID-1qjx-grvf-y7bk

vulnerability	VCID-25t3-1sm6-3kdn

vulnerability	VCID-2rhx-afay-97da

vulnerability	VCID-37wu-bjfj-k7eg

vulnerability	VCID-3m2z-stmy-u7hm

vulnerability	VCID-3m53-kkk2-j7c2

vulnerability	VCID-435j-f3yx-9yep

vulnerability	VCID-48jz-wwt8-33hx

vulnerability	VCID-4auu-re6t-p3gu

vulnerability	VCID-4etp-u4pt-v7hm

vulnerability	VCID-51ba-3ag9-rucn

vulnerability	VCID-59zz-tmvz-sqgm

vulnerability	VCID-5jgb-dsyx-hyb4

vulnerability	VCID-5ppt-avmb-cqb2

vulnerability	VCID-6gms-w48j-4ffh

vulnerability	VCID-6pvx-1qan-ukef

vulnerability	VCID-6spw-66jg-syb1

vulnerability	VCID-6wsa-4ywc-8fh4

vulnerability	VCID-7d1g-j3k5-gub8

vulnerability	VCID-7ngg-6yuz-jkge

vulnerability	VCID-7zx9-8afq-y3hc

vulnerability	VCID-8jp8-a363-67be

vulnerability	VCID-99uu-rfrf-bqa7

vulnerability	VCID-9j2h-q1n5-kbgt

vulnerability	VCID-adk5-989d-jkc9

vulnerability	VCID-asym-tgh2-1kg8

vulnerability	VCID-b45y-dr1a-7qd7

vulnerability	VCID-b5ht-z6zp-pbht

vulnerability	VCID-b715-6z6c-qqar

vulnerability	VCID-bck9-34jp-6ydx

vulnerability	VCID-buax-rz7x-r7c2

vulnerability	VCID-c6zq-cfg5-u7d9

vulnerability	VCID-cczn-x8q7-k7ba

vulnerability	VCID-cjgc-q6p5-2ydc

vulnerability	VCID-ck23-cxn6-bbf3

vulnerability	VCID-d79s-4kzk-hugy

vulnerability	VCID-dp6j-gnk4-rkd5

vulnerability	VCID-dsu7-jjjq-f3e1

vulnerability	VCID-f4pm-9tq5-q3ch

vulnerability	VCID-f963-qur3-2qb7

vulnerability	VCID-fber-yp9q-f7dr

vulnerability	VCID-fqbx-7xyq-fkav

vulnerability	VCID-g4ak-ertr-rya6

vulnerability	VCID-gcnj-6qb6-pbgz

vulnerability	VCID-gezz-pvpj-p3c6

vulnerability	VCID-gnna-yjv5-cya2

vulnerability	VCID-gspd-apwy-efgu

vulnerability	VCID-h2dd-7b1r-k7bs

vulnerability	VCID-h958-d3pm-kfcs

vulnerability	VCID-heyy-me7v-jyf5

vulnerability	VCID-hkk9-f78q-xqd2

vulnerability	VCID-hpju-vhzg-jyes

vulnerability	VCID-hv3n-j8ck-1ufx

vulnerability	VCID-jmu3-5k7e-x7ch

vulnerability	VCID-jqx9-41zx-dbcy

vulnerability	VCID-kgcq-paqm-9ya6

vulnerability	VCID-kpze-14jy-xud9

vulnerability	VCID-kqbk-4q4z-nkec

vulnerability	VCID-kuq7-h4ex-tkgc

vulnerability	VCID-m3nf-1qbv-d3dj

vulnerability	VCID-m43j-8zeh-47gz

vulnerability	VCID-mc8q-fhyf-ekfj

vulnerability	VCID-mhud-kq57-nka3

vulnerability	VCID-mqk6-z77g-bfdv

vulnerability	VCID-n61z-6v8a-hygf

vulnerability	VCID-nbzv-ppzf-53ae

vulnerability	VCID-ne8w-dpjw-7qf1

vulnerability	VCID-nnh9-udcj-m7fv

vulnerability	VCID-npn5-rand-q3dg

vulnerability	VCID-nwxj-3ajk-rkh5

vulnerability	VCID-p1u9-66hm-47er

vulnerability	VCID-p545-vwe6-9kfr

vulnerability	VCID-pgzu-kxuj-j3fh

vulnerability	VCID-prbd-r82t-87dm

vulnerability	VCID-q6dx-uskc-y3hs

vulnerability	VCID-q9ak-qcq6-qfhy

vulnerability	VCID-qemc-8kj8-r3cd

vulnerability	VCID-re8y-zb3u-57h2

vulnerability	VCID-re9h-ze98-rbhu

vulnerability	VCID-rg5d-d8nc-9qfu

vulnerability	VCID-rkms-w15c-4yb1

vulnerability	VCID-rwgf-2pfh-ufdz

vulnerability	VCID-s49m-kyu7-vbee

vulnerability	VCID-s6k7-pp34-zygu

vulnerability	VCID-s8h9-rdvk-9yfp

vulnerability	VCID-se8w-fv8x-tqde

vulnerability	VCID-sszj-qy2p-ebbd

vulnerability	VCID-u347-jazz-zke4

vulnerability	VCID-u7nx-p1g7-cqhw

vulnerability	VCID-uckg-j48d-efad

vulnerability	VCID-uj89-13ub-43fz

vulnerability	VCID-utpu-q2dv-m3hm

vulnerability	VCID-vbbx-pk8m-jfhd

vulnerability	VCID-w5pn-eb7y-1kdp

vulnerability	VCID-wq32-kgff-gke8

vulnerability	VCID-ww44-zmx7-47ft

100

vulnerability	VCID-xa4m-xpa9-v7h8

101

vulnerability	VCID-xhq3-ts9t-sbdy

102

vulnerability	VCID-xkpp-psz2-2kag

103

vulnerability	VCID-xp55-jxjr-zqcb

104

vulnerability	VCID-xwtv-48ph-6fb6

105

vulnerability	VCID-z41h-5mem-gfc7

106

vulnerability	VCID-z5qq-nwn5-tqgm

107

vulnerability	VCID-zdq2-dhb2-6kaq

108

vulnerability	VCID-zeku-t9fv-kych

109

vulnerability	VCID-zp3u-ukzs-ukf6

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.0

url pkg:composer/typo3/cms@6.2.1

purl pkg:composer/typo3/cms@6.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-133h-9erq-2fhy

vulnerability	VCID-1bnd-6xsq-nbec

vulnerability	VCID-1jcy-nx8g-z3d3

vulnerability	VCID-1ng4-5tkh-g7h5

vulnerability	VCID-1qjx-grvf-y7bk

vulnerability	VCID-25t3-1sm6-3kdn

vulnerability	VCID-2rhx-afay-97da

vulnerability	VCID-37wu-bjfj-k7eg

vulnerability	VCID-3m2z-stmy-u7hm

vulnerability	VCID-3m53-kkk2-j7c2

vulnerability	VCID-435j-f3yx-9yep

vulnerability	VCID-48jz-wwt8-33hx

vulnerability	VCID-4auu-re6t-p3gu

vulnerability	VCID-4etp-u4pt-v7hm

vulnerability	VCID-51ba-3ag9-rucn

vulnerability	VCID-59zz-tmvz-sqgm

vulnerability	VCID-5jgb-dsyx-hyb4

vulnerability	VCID-5ppt-avmb-cqb2

vulnerability	VCID-6gms-w48j-4ffh

vulnerability	VCID-6pvx-1qan-ukef

vulnerability	VCID-6spw-66jg-syb1

vulnerability	VCID-6wsa-4ywc-8fh4

vulnerability	VCID-7d1g-j3k5-gub8

vulnerability	VCID-7ngg-6yuz-jkge

vulnerability	VCID-7zx9-8afq-y3hc

vulnerability	VCID-8jp8-a363-67be

vulnerability	VCID-99uu-rfrf-bqa7

vulnerability	VCID-9j2h-q1n5-kbgt

vulnerability	VCID-adk5-989d-jkc9

vulnerability	VCID-asym-tgh2-1kg8

vulnerability	VCID-b45y-dr1a-7qd7

vulnerability	VCID-b5ht-z6zp-pbht

vulnerability	VCID-b715-6z6c-qqar

vulnerability	VCID-bck9-34jp-6ydx

vulnerability	VCID-buax-rz7x-r7c2

vulnerability	VCID-c6zq-cfg5-u7d9

vulnerability	VCID-cczn-x8q7-k7ba

vulnerability	VCID-cjgc-q6p5-2ydc

vulnerability	VCID-ck23-cxn6-bbf3

vulnerability	VCID-d79s-4kzk-hugy

vulnerability	VCID-dp6j-gnk4-rkd5

vulnerability	VCID-dsu7-jjjq-f3e1

vulnerability	VCID-f4pm-9tq5-q3ch

vulnerability	VCID-f963-qur3-2qb7

vulnerability	VCID-fber-yp9q-f7dr

vulnerability	VCID-fqbx-7xyq-fkav

vulnerability	VCID-g4ak-ertr-rya6

vulnerability	VCID-gcnj-6qb6-pbgz

vulnerability	VCID-gezz-pvpj-p3c6

vulnerability	VCID-gnna-yjv5-cya2

vulnerability	VCID-gspd-apwy-efgu

vulnerability	VCID-h2dd-7b1r-k7bs

vulnerability	VCID-h958-d3pm-kfcs

vulnerability	VCID-heyy-me7v-jyf5

vulnerability	VCID-hkk9-f78q-xqd2

vulnerability	VCID-hpju-vhzg-jyes

vulnerability	VCID-hv3n-j8ck-1ufx

vulnerability	VCID-jmu3-5k7e-x7ch

vulnerability	VCID-jqx9-41zx-dbcy

vulnerability	VCID-kgcq-paqm-9ya6

vulnerability	VCID-kpze-14jy-xud9

vulnerability	VCID-kqbk-4q4z-nkec

vulnerability	VCID-kuq7-h4ex-tkgc

vulnerability	VCID-m3nf-1qbv-d3dj

vulnerability	VCID-m43j-8zeh-47gz

vulnerability	VCID-mc8q-fhyf-ekfj

vulnerability	VCID-mhud-kq57-nka3

vulnerability	VCID-mqk6-z77g-bfdv

vulnerability	VCID-n61z-6v8a-hygf

vulnerability	VCID-nbzv-ppzf-53ae

vulnerability	VCID-ne8w-dpjw-7qf1

vulnerability	VCID-nnh9-udcj-m7fv

vulnerability	VCID-npn5-rand-q3dg

vulnerability	VCID-nwxj-3ajk-rkh5

vulnerability	VCID-p1u9-66hm-47er

vulnerability	VCID-p545-vwe6-9kfr

vulnerability	VCID-pgzu-kxuj-j3fh

vulnerability	VCID-prbd-r82t-87dm

vulnerability	VCID-q6dx-uskc-y3hs

vulnerability	VCID-q9ak-qcq6-qfhy

vulnerability	VCID-qemc-8kj8-r3cd

vulnerability	VCID-re8y-zb3u-57h2

vulnerability	VCID-re9h-ze98-rbhu

vulnerability	VCID-rg5d-d8nc-9qfu

vulnerability	VCID-rkms-w15c-4yb1

vulnerability	VCID-rwgf-2pfh-ufdz

vulnerability	VCID-s49m-kyu7-vbee

vulnerability	VCID-s6k7-pp34-zygu

vulnerability	VCID-s8h9-rdvk-9yfp

vulnerability	VCID-se8w-fv8x-tqde

vulnerability	VCID-sszj-qy2p-ebbd

vulnerability	VCID-u347-jazz-zke4

vulnerability	VCID-u7nx-p1g7-cqhw

vulnerability	VCID-uckg-j48d-efad

vulnerability	VCID-uj89-13ub-43fz

vulnerability	VCID-utpu-q2dv-m3hm

vulnerability	VCID-vbbx-pk8m-jfhd

vulnerability	VCID-w5pn-eb7y-1kdp

vulnerability	VCID-wq32-kgff-gke8

vulnerability	VCID-ww44-zmx7-47ft

100

vulnerability	VCID-xa4m-xpa9-v7h8

101

vulnerability	VCID-xhq3-ts9t-sbdy

102

vulnerability	VCID-xkpp-psz2-2kag

103

vulnerability	VCID-xp55-jxjr-zqcb

104

vulnerability	VCID-xwtv-48ph-6fb6

105

vulnerability	VCID-z41h-5mem-gfc7

106

vulnerability	VCID-z5qq-nwn5-tqgm

107

vulnerability	VCID-zdq2-dhb2-6kaq

108

vulnerability	VCID-zeku-t9fv-kych

109

vulnerability	VCID-zp3u-ukzs-ukf6

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.1

url pkg:composer/typo3/cms@6.2.2

purl pkg:composer/typo3/cms@6.2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-133h-9erq-2fhy

vulnerability	VCID-1bnd-6xsq-nbec

vulnerability	VCID-1jcy-nx8g-z3d3

vulnerability	VCID-1ng4-5tkh-g7h5

vulnerability	VCID-1qjx-grvf-y7bk

vulnerability	VCID-25t3-1sm6-3kdn

vulnerability	VCID-2rhx-afay-97da

vulnerability	VCID-37wu-bjfj-k7eg

vulnerability	VCID-3m2z-stmy-u7hm

vulnerability	VCID-3m53-kkk2-j7c2

vulnerability	VCID-435j-f3yx-9yep

vulnerability	VCID-48jz-wwt8-33hx

vulnerability	VCID-4auu-re6t-p3gu

vulnerability	VCID-4etp-u4pt-v7hm

vulnerability	VCID-51ba-3ag9-rucn

vulnerability	VCID-59zz-tmvz-sqgm

vulnerability	VCID-5jgb-dsyx-hyb4

vulnerability	VCID-5ppt-avmb-cqb2

vulnerability	VCID-6gms-w48j-4ffh

vulnerability	VCID-6pvx-1qan-ukef

vulnerability	VCID-6spw-66jg-syb1

vulnerability	VCID-6wsa-4ywc-8fh4

vulnerability	VCID-7d1g-j3k5-gub8

vulnerability	VCID-7ngg-6yuz-jkge

vulnerability	VCID-7zx9-8afq-y3hc

vulnerability	VCID-8jp8-a363-67be

vulnerability	VCID-99uu-rfrf-bqa7

vulnerability	VCID-9j2h-q1n5-kbgt

vulnerability	VCID-adk5-989d-jkc9

vulnerability	VCID-asym-tgh2-1kg8

vulnerability	VCID-b45y-dr1a-7qd7

vulnerability	VCID-b5ht-z6zp-pbht

vulnerability	VCID-b715-6z6c-qqar

vulnerability	VCID-bck9-34jp-6ydx

vulnerability	VCID-buax-rz7x-r7c2

vulnerability	VCID-c6zq-cfg5-u7d9

vulnerability	VCID-cczn-x8q7-k7ba

vulnerability	VCID-cjgc-q6p5-2ydc

vulnerability	VCID-ck23-cxn6-bbf3

vulnerability	VCID-d79s-4kzk-hugy

vulnerability	VCID-dp6j-gnk4-rkd5

vulnerability	VCID-dsu7-jjjq-f3e1

vulnerability	VCID-f4pm-9tq5-q3ch

vulnerability	VCID-f963-qur3-2qb7

vulnerability	VCID-fber-yp9q-f7dr

vulnerability	VCID-fqbx-7xyq-fkav

vulnerability	VCID-g4ak-ertr-rya6

vulnerability	VCID-gcnj-6qb6-pbgz

vulnerability	VCID-gezz-pvpj-p3c6

vulnerability	VCID-gnna-yjv5-cya2

vulnerability	VCID-gspd-apwy-efgu

vulnerability	VCID-h2dd-7b1r-k7bs

vulnerability	VCID-h958-d3pm-kfcs

vulnerability	VCID-heyy-me7v-jyf5

vulnerability	VCID-hkk9-f78q-xqd2

vulnerability	VCID-hpju-vhzg-jyes

vulnerability	VCID-hv3n-j8ck-1ufx

vulnerability	VCID-jmu3-5k7e-x7ch

vulnerability	VCID-jqx9-41zx-dbcy

vulnerability	VCID-kgcq-paqm-9ya6

vulnerability	VCID-kpze-14jy-xud9

vulnerability	VCID-kqbk-4q4z-nkec

vulnerability	VCID-kuq7-h4ex-tkgc

vulnerability	VCID-m3nf-1qbv-d3dj

vulnerability	VCID-m43j-8zeh-47gz

vulnerability	VCID-mc8q-fhyf-ekfj

vulnerability	VCID-mhud-kq57-nka3

vulnerability	VCID-mqk6-z77g-bfdv

vulnerability	VCID-n61z-6v8a-hygf

vulnerability	VCID-nbzv-ppzf-53ae

vulnerability	VCID-ne8w-dpjw-7qf1

vulnerability	VCID-nnh9-udcj-m7fv

vulnerability	VCID-npn5-rand-q3dg

vulnerability	VCID-nwxj-3ajk-rkh5

vulnerability	VCID-p1u9-66hm-47er

vulnerability	VCID-p545-vwe6-9kfr

vulnerability	VCID-pgzu-kxuj-j3fh

vulnerability	VCID-prbd-r82t-87dm

vulnerability	VCID-q6dx-uskc-y3hs

vulnerability	VCID-q9ak-qcq6-qfhy

vulnerability	VCID-qemc-8kj8-r3cd

vulnerability	VCID-re8y-zb3u-57h2

vulnerability	VCID-re9h-ze98-rbhu

vulnerability	VCID-rg5d-d8nc-9qfu

vulnerability	VCID-rkms-w15c-4yb1

vulnerability	VCID-rwgf-2pfh-ufdz

vulnerability	VCID-s49m-kyu7-vbee

vulnerability	VCID-s6k7-pp34-zygu

vulnerability	VCID-s8h9-rdvk-9yfp

vulnerability	VCID-se8w-fv8x-tqde

vulnerability	VCID-sszj-qy2p-ebbd

vulnerability	VCID-u347-jazz-zke4

vulnerability	VCID-u7nx-p1g7-cqhw

vulnerability	VCID-uckg-j48d-efad

vulnerability	VCID-uj89-13ub-43fz

vulnerability	VCID-utpu-q2dv-m3hm

vulnerability	VCID-vbbx-pk8m-jfhd

vulnerability	VCID-w5pn-eb7y-1kdp

vulnerability	VCID-wq32-kgff-gke8

vulnerability	VCID-ww44-zmx7-47ft

100

vulnerability	VCID-xa4m-xpa9-v7h8

101

vulnerability	VCID-xhq3-ts9t-sbdy

102

vulnerability	VCID-xkpp-psz2-2kag

103

vulnerability	VCID-xp55-jxjr-zqcb

104

vulnerability	VCID-xwtv-48ph-6fb6

105

vulnerability	VCID-z41h-5mem-gfc7

106

vulnerability	VCID-z5qq-nwn5-tqgm

107

vulnerability	VCID-zdq2-dhb2-6kaq

108

vulnerability	VCID-zeku-t9fv-kych

109

vulnerability	VCID-zp3u-ukzs-ukf6

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.2

References

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2014-05-22-1.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2014-05-22-1.yaml

reference_url

https://github.com/TYPO3/typo3

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/TYPO3/typo3

reference_url

https://github.com/TYPO3/typo3/commit/32efb1b03573d51391126c90cd87c74b3dc457fb

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/TYPO3/typo3/commit/32efb1b03573d51391126c90cd87c74b3dc457fb

reference_url

https://github.com/TYPO3/typo3/commit/9bd777649e4022c89dbf39ca41988a594b5e94b8

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/TYPO3/typo3/commit/9bd777649e4022c89dbf39ca41988a594b5e94b8

reference_url

https://github.com/TYPO3/typo3/commit/c39bca9613c311dd12e61771dd311b1bb2283b8d

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/TYPO3/typo3/commit/c39bca9613c311dd12e61771dd311b1bb2283b8d

reference_url

https://github.com/TYPO3/typo3/commit/d554ac5323f3b0fac1fce4c2c491d0123badd669

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/TYPO3/typo3/commit/d554ac5323f3b0fac1fce4c2c491d0123badd669

reference_url

https://typo3.org/security/advisory/typo3-core-sa-2014-001

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://typo3.org/security/advisory/typo3-core-sa-2014-001

reference_url

https://web.archive.org/web/20140531042943/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20140531042943/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001

reference_url

https://github.com/advisories/GHSA-mxjf-hc9v-xgv2

reference_id

GHSA-mxjf-hc9v-xgv2

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-mxjf-hc9v-xgv2

Weaknesses

cwe_id	79
name	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description	The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 4.0 - 6.9

Exploitability 0.5

Weighted_severity 6.2

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-59zz-tmvz-sqgm

Vulnerability Instance