Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-4fez-w6cm-rkf5
Summary
Silverstripe Cross-site scripting vulnerability in VersionedRequestFilter
A cross-site scripting vulnerability in VersionedRequestFilter has been found.

If an incoming user request should not be able to access the requested stage, an error message is created for display on the CMS login page that they are redirected to. In this error message, the URL of the requested page is interpolated into the error message without being escaped; hence, arbitrary HTML can be injected into the CMS login page.
Aliases
0
alias GHSA-mpqj-f4v3-334h
Fixed_packages
0
url pkg:composer/silverstripe/framework@3.3.3
purl pkg:composer/silverstripe/framework@3.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2f9j-ek3x-kbc5
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-414d-7bfm-kud7
3
vulnerability VCID-4f9c-aun4-wfep
4
vulnerability VCID-4x32-t75c-u3bj
5
vulnerability VCID-5pkg-j4wg-7fcn
6
vulnerability VCID-6du5-hdvd-fueb
7
vulnerability VCID-6epx-c68d-d7bv
8
vulnerability VCID-7dk3-gcup-2kc9
9
vulnerability VCID-86yd-4mkt-hydr
10
vulnerability VCID-a3yc-fxa1-gfhy
11
vulnerability VCID-ab5z-bqka-xudb
12
vulnerability VCID-ajga-3b99-yugh
13
vulnerability VCID-axxx-gpfn-mqc9
14
vulnerability VCID-bdcq-z11u-zyh5
15
vulnerability VCID-c3vp-kc9a-vkhn
16
vulnerability VCID-cdgj-bdpy-ukak
17
vulnerability VCID-cg3k-vmk4-5kdb
18
vulnerability VCID-eddc-w9wx-c3gq
19
vulnerability VCID-enkd-4y44-4ueq
20
vulnerability VCID-fpb7-5pwu-tyg5
21
vulnerability VCID-fyxa-vzeq-ubeq
22
vulnerability VCID-j6ze-f76y-cqgy
23
vulnerability VCID-kak1-btjp-kqgz
24
vulnerability VCID-kdyk-rrrr-pufw
25
vulnerability VCID-krjm-ygks-wyct
26
vulnerability VCID-kvhv-9fj5-7kgk
27
vulnerability VCID-kw9p-5fbc-hudg
28
vulnerability VCID-kxa8-dmva-ayff
29
vulnerability VCID-p2kq-rkh6-ayeu
30
vulnerability VCID-pq29-qe7h-tkcp
31
vulnerability VCID-qm38-1cwk-b3hq
32
vulnerability VCID-tc2y-zrea-vyb2
33
vulnerability VCID-tm1s-2m92-uyh9
34
vulnerability VCID-u49v-31sv-eqc3
35
vulnerability VCID-ya8k-c5s5-47gx
36
vulnerability VCID-yuer-yn1w-q3gw
37
vulnerability VCID-z7fk-zbvh-quew
38
vulnerability VCID-zxmh-xcvd-53fe
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.3.3
1
url pkg:composer/silverstripe/framework@3.4.1
purl pkg:composer/silverstripe/framework@3.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2f9j-ek3x-kbc5
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-3ydp-barm-5ya1
3
vulnerability VCID-414d-7bfm-kud7
4
vulnerability VCID-4f9c-aun4-wfep
5
vulnerability VCID-4x32-t75c-u3bj
6
vulnerability VCID-5pkg-j4wg-7fcn
7
vulnerability VCID-6du5-hdvd-fueb
8
vulnerability VCID-6epx-c68d-d7bv
9
vulnerability VCID-7dk3-gcup-2kc9
10
vulnerability VCID-86yd-4mkt-hydr
11
vulnerability VCID-a3yc-fxa1-gfhy
12
vulnerability VCID-ab5z-bqka-xudb
13
vulnerability VCID-ajga-3b99-yugh
14
vulnerability VCID-axxx-gpfn-mqc9
15
vulnerability VCID-bdcq-z11u-zyh5
16
vulnerability VCID-bmqt-5ybj-kuf6
17
vulnerability VCID-c3vp-kc9a-vkhn
18
vulnerability VCID-cdgj-bdpy-ukak
19
vulnerability VCID-cg3k-vmk4-5kdb
20
vulnerability VCID-eddc-w9wx-c3gq
21
vulnerability VCID-enkd-4y44-4ueq
22
vulnerability VCID-ete7-tupf-63c9
23
vulnerability VCID-fpb7-5pwu-tyg5
24
vulnerability VCID-fyxa-vzeq-ubeq
25
vulnerability VCID-j6ze-f76y-cqgy
26
vulnerability VCID-kak1-btjp-kqgz
27
vulnerability VCID-kdyk-rrrr-pufw
28
vulnerability VCID-krjm-ygks-wyct
29
vulnerability VCID-kvhv-9fj5-7kgk
30
vulnerability VCID-kw9p-5fbc-hudg
31
vulnerability VCID-kxa8-dmva-ayff
32
vulnerability VCID-p2kq-rkh6-ayeu
33
vulnerability VCID-pq29-qe7h-tkcp
34
vulnerability VCID-qm38-1cwk-b3hq
35
vulnerability VCID-tc2y-zrea-vyb2
36
vulnerability VCID-tm1s-2m92-uyh9
37
vulnerability VCID-tzmx-hfk2-7ufr
38
vulnerability VCID-u49v-31sv-eqc3
39
vulnerability VCID-ya8k-c5s5-47gx
40
vulnerability VCID-yuer-yn1w-q3gw
41
vulnerability VCID-z7fk-zbvh-quew
42
vulnerability VCID-zxmh-xcvd-53fe
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.1
Affected_packages
0
url pkg:composer/silverstripe/framework@3.3.2
purl pkg:composer/silverstripe/framework@3.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2f9j-ek3x-kbc5
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-414d-7bfm-kud7
3
vulnerability VCID-4f9c-aun4-wfep
4
vulnerability VCID-4fez-w6cm-rkf5
5
vulnerability VCID-4x32-t75c-u3bj
6
vulnerability VCID-5pkg-j4wg-7fcn
7
vulnerability VCID-6du5-hdvd-fueb
8
vulnerability VCID-6epx-c68d-d7bv
9
vulnerability VCID-6yv4-xevb-v7b2
10
vulnerability VCID-7dk3-gcup-2kc9
11
vulnerability VCID-86yd-4mkt-hydr
12
vulnerability VCID-8am6-aeny-ffej
13
vulnerability VCID-8wbx-bvm9-jqcv
14
vulnerability VCID-8zj1-kn8e-kbbn
15
vulnerability VCID-a3yc-fxa1-gfhy
16
vulnerability VCID-ab5z-bqka-xudb
17
vulnerability VCID-ade4-h51n-3bap
18
vulnerability VCID-ajga-3b99-yugh
19
vulnerability VCID-axxx-gpfn-mqc9
20
vulnerability VCID-bdcq-z11u-zyh5
21
vulnerability VCID-c3vp-kc9a-vkhn
22
vulnerability VCID-cdgj-bdpy-ukak
23
vulnerability VCID-cg3k-vmk4-5kdb
24
vulnerability VCID-dx5f-g875-5bct
25
vulnerability VCID-eddc-w9wx-c3gq
26
vulnerability VCID-enkd-4y44-4ueq
27
vulnerability VCID-fpb7-5pwu-tyg5
28
vulnerability VCID-fyxa-vzeq-ubeq
29
vulnerability VCID-hgkh-tcdc-ufd5
30
vulnerability VCID-j6ze-f76y-cqgy
31
vulnerability VCID-k7bb-y315-4qb6
32
vulnerability VCID-kak1-btjp-kqgz
33
vulnerability VCID-kdyk-rrrr-pufw
34
vulnerability VCID-kqk7-mdnd-hfc7
35
vulnerability VCID-krjm-ygks-wyct
36
vulnerability VCID-kvhv-9fj5-7kgk
37
vulnerability VCID-kw9p-5fbc-hudg
38
vulnerability VCID-kxa8-dmva-ayff
39
vulnerability VCID-nt4w-m7ak-4bbx
40
vulnerability VCID-p2kq-rkh6-ayeu
41
vulnerability VCID-p52e-s67u-eya7
42
vulnerability VCID-pq29-qe7h-tkcp
43
vulnerability VCID-qm38-1cwk-b3hq
44
vulnerability VCID-tc2y-zrea-vyb2
45
vulnerability VCID-tm1s-2m92-uyh9
46
vulnerability VCID-u49v-31sv-eqc3
47
vulnerability VCID-vtva-utdn-jkce
48
vulnerability VCID-wrnm-d19b-hqby
49
vulnerability VCID-ya8k-c5s5-47gx
50
vulnerability VCID-yuer-yn1w-q3gw
51
vulnerability VCID-z7fk-zbvh-quew
52
vulnerability VCID-zxmh-xcvd-53fe
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.3.2
1
url pkg:composer/silverstripe/framework@3.3.3-rc1
purl pkg:composer/silverstripe/framework@3.3.3-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2f9j-ek3x-kbc5
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-414d-7bfm-kud7
3
vulnerability VCID-4f9c-aun4-wfep
4
vulnerability VCID-4fez-w6cm-rkf5
5
vulnerability VCID-4x32-t75c-u3bj
6
vulnerability VCID-5pkg-j4wg-7fcn
7
vulnerability VCID-6du5-hdvd-fueb
8
vulnerability VCID-6epx-c68d-d7bv
9
vulnerability VCID-6yv4-xevb-v7b2
10
vulnerability VCID-7dk3-gcup-2kc9
11
vulnerability VCID-86yd-4mkt-hydr
12
vulnerability VCID-8am6-aeny-ffej
13
vulnerability VCID-8wbx-bvm9-jqcv
14
vulnerability VCID-8zj1-kn8e-kbbn
15
vulnerability VCID-a3yc-fxa1-gfhy
16
vulnerability VCID-ab5z-bqka-xudb
17
vulnerability VCID-ade4-h51n-3bap
18
vulnerability VCID-ajga-3b99-yugh
19
vulnerability VCID-axxx-gpfn-mqc9
20
vulnerability VCID-bdcq-z11u-zyh5
21
vulnerability VCID-c3vp-kc9a-vkhn
22
vulnerability VCID-cdgj-bdpy-ukak
23
vulnerability VCID-cg3k-vmk4-5kdb
24
vulnerability VCID-dx5f-g875-5bct
25
vulnerability VCID-eddc-w9wx-c3gq
26
vulnerability VCID-enkd-4y44-4ueq
27
vulnerability VCID-fpb7-5pwu-tyg5
28
vulnerability VCID-fyxa-vzeq-ubeq
29
vulnerability VCID-hgkh-tcdc-ufd5
30
vulnerability VCID-j6ze-f76y-cqgy
31
vulnerability VCID-k7bb-y315-4qb6
32
vulnerability VCID-kak1-btjp-kqgz
33
vulnerability VCID-kdyk-rrrr-pufw
34
vulnerability VCID-kqk7-mdnd-hfc7
35
vulnerability VCID-krjm-ygks-wyct
36
vulnerability VCID-kvhv-9fj5-7kgk
37
vulnerability VCID-kw9p-5fbc-hudg
38
vulnerability VCID-kxa8-dmva-ayff
39
vulnerability VCID-nt4w-m7ak-4bbx
40
vulnerability VCID-p2kq-rkh6-ayeu
41
vulnerability VCID-p52e-s67u-eya7
42
vulnerability VCID-pq29-qe7h-tkcp
43
vulnerability VCID-qm38-1cwk-b3hq
44
vulnerability VCID-tc2y-zrea-vyb2
45
vulnerability VCID-tm1s-2m92-uyh9
46
vulnerability VCID-u49v-31sv-eqc3
47
vulnerability VCID-vtva-utdn-jkce
48
vulnerability VCID-wrnm-d19b-hqby
49
vulnerability VCID-ya8k-c5s5-47gx
50
vulnerability VCID-yuer-yn1w-q3gw
51
vulnerability VCID-z7fk-zbvh-quew
52
vulnerability VCID-zxmh-xcvd-53fe
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.3.3-rc1
2
url pkg:composer/silverstripe/framework@3.3.3-rc2
purl pkg:composer/silverstripe/framework@3.3.3-rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2f9j-ek3x-kbc5
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-414d-7bfm-kud7
3
vulnerability VCID-4f9c-aun4-wfep
4
vulnerability VCID-4fez-w6cm-rkf5
5
vulnerability VCID-4x32-t75c-u3bj
6
vulnerability VCID-5pkg-j4wg-7fcn
7
vulnerability VCID-6du5-hdvd-fueb
8
vulnerability VCID-6epx-c68d-d7bv
9
vulnerability VCID-6yv4-xevb-v7b2
10
vulnerability VCID-7dk3-gcup-2kc9
11
vulnerability VCID-86yd-4mkt-hydr
12
vulnerability VCID-8am6-aeny-ffej
13
vulnerability VCID-8zj1-kn8e-kbbn
14
vulnerability VCID-a3yc-fxa1-gfhy
15
vulnerability VCID-ab5z-bqka-xudb
16
vulnerability VCID-ade4-h51n-3bap
17
vulnerability VCID-ajga-3b99-yugh
18
vulnerability VCID-axxx-gpfn-mqc9
19
vulnerability VCID-bdcq-z11u-zyh5
20
vulnerability VCID-c3vp-kc9a-vkhn
21
vulnerability VCID-cdgj-bdpy-ukak
22
vulnerability VCID-cg3k-vmk4-5kdb
23
vulnerability VCID-eddc-w9wx-c3gq
24
vulnerability VCID-enkd-4y44-4ueq
25
vulnerability VCID-fpb7-5pwu-tyg5
26
vulnerability VCID-fyxa-vzeq-ubeq
27
vulnerability VCID-j6ze-f76y-cqgy
28
vulnerability VCID-kak1-btjp-kqgz
29
vulnerability VCID-kdyk-rrrr-pufw
30
vulnerability VCID-kqk7-mdnd-hfc7
31
vulnerability VCID-krjm-ygks-wyct
32
vulnerability VCID-kvhv-9fj5-7kgk
33
vulnerability VCID-kw9p-5fbc-hudg
34
vulnerability VCID-kxa8-dmva-ayff
35
vulnerability VCID-nt4w-m7ak-4bbx
36
vulnerability VCID-p2kq-rkh6-ayeu
37
vulnerability VCID-pq29-qe7h-tkcp
38
vulnerability VCID-qm38-1cwk-b3hq
39
vulnerability VCID-tc2y-zrea-vyb2
40
vulnerability VCID-tm1s-2m92-uyh9
41
vulnerability VCID-u49v-31sv-eqc3
42
vulnerability VCID-ya8k-c5s5-47gx
43
vulnerability VCID-yuer-yn1w-q3gw
44
vulnerability VCID-z7fk-zbvh-quew
45
vulnerability VCID-zxmh-xcvd-53fe
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.3.3-rc2
3
url pkg:composer/silverstripe/framework@3.4.0
purl pkg:composer/silverstripe/framework@3.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2f9j-ek3x-kbc5
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-3ydp-barm-5ya1
3
vulnerability VCID-414d-7bfm-kud7
4
vulnerability VCID-4f9c-aun4-wfep
5
vulnerability VCID-4fez-w6cm-rkf5
6
vulnerability VCID-4x32-t75c-u3bj
7
vulnerability VCID-5pkg-j4wg-7fcn
8
vulnerability VCID-6du5-hdvd-fueb
9
vulnerability VCID-6epx-c68d-d7bv
10
vulnerability VCID-6yv4-xevb-v7b2
11
vulnerability VCID-7dk3-gcup-2kc9
12
vulnerability VCID-86yd-4mkt-hydr
13
vulnerability VCID-8am6-aeny-ffej
14
vulnerability VCID-8wbx-bvm9-jqcv
15
vulnerability VCID-8zj1-kn8e-kbbn
16
vulnerability VCID-a3yc-fxa1-gfhy
17
vulnerability VCID-ab5z-bqka-xudb
18
vulnerability VCID-ade4-h51n-3bap
19
vulnerability VCID-ajga-3b99-yugh
20
vulnerability VCID-axxx-gpfn-mqc9
21
vulnerability VCID-bdcq-z11u-zyh5
22
vulnerability VCID-bmqt-5ybj-kuf6
23
vulnerability VCID-c3vp-kc9a-vkhn
24
vulnerability VCID-cdgj-bdpy-ukak
25
vulnerability VCID-cg3k-vmk4-5kdb
26
vulnerability VCID-dx5f-g875-5bct
27
vulnerability VCID-eddc-w9wx-c3gq
28
vulnerability VCID-enkd-4y44-4ueq
29
vulnerability VCID-ete7-tupf-63c9
30
vulnerability VCID-fpb7-5pwu-tyg5
31
vulnerability VCID-fyxa-vzeq-ubeq
32
vulnerability VCID-hgkh-tcdc-ufd5
33
vulnerability VCID-j6ze-f76y-cqgy
34
vulnerability VCID-k7bb-y315-4qb6
35
vulnerability VCID-kak1-btjp-kqgz
36
vulnerability VCID-kdyk-rrrr-pufw
37
vulnerability VCID-kqk7-mdnd-hfc7
38
vulnerability VCID-krjm-ygks-wyct
39
vulnerability VCID-kvhv-9fj5-7kgk
40
vulnerability VCID-kw9p-5fbc-hudg
41
vulnerability VCID-kxa8-dmva-ayff
42
vulnerability VCID-nt4w-m7ak-4bbx
43
vulnerability VCID-p2kq-rkh6-ayeu
44
vulnerability VCID-p52e-s67u-eya7
45
vulnerability VCID-pq29-qe7h-tkcp
46
vulnerability VCID-qm38-1cwk-b3hq
47
vulnerability VCID-tc2y-zrea-vyb2
48
vulnerability VCID-tm1s-2m92-uyh9
49
vulnerability VCID-tzmx-hfk2-7ufr
50
vulnerability VCID-u49v-31sv-eqc3
51
vulnerability VCID-vtva-utdn-jkce
52
vulnerability VCID-wrnm-d19b-hqby
53
vulnerability VCID-ya8k-c5s5-47gx
54
vulnerability VCID-yuer-yn1w-q3gw
55
vulnerability VCID-z7fk-zbvh-quew
56
vulnerability VCID-zxmh-xcvd-53fe
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.0
4
url pkg:composer/silverstripe/framework@3.4.1-rc1
purl pkg:composer/silverstripe/framework@3.4.1-rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2f9j-ek3x-kbc5
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-3ydp-barm-5ya1
3
vulnerability VCID-414d-7bfm-kud7
4
vulnerability VCID-4f9c-aun4-wfep
5
vulnerability VCID-4fez-w6cm-rkf5
6
vulnerability VCID-4x32-t75c-u3bj
7
vulnerability VCID-5pkg-j4wg-7fcn
8
vulnerability VCID-6du5-hdvd-fueb
9
vulnerability VCID-6epx-c68d-d7bv
10
vulnerability VCID-6yv4-xevb-v7b2
11
vulnerability VCID-7dk3-gcup-2kc9
12
vulnerability VCID-86yd-4mkt-hydr
13
vulnerability VCID-8am6-aeny-ffej
14
vulnerability VCID-8wbx-bvm9-jqcv
15
vulnerability VCID-8zj1-kn8e-kbbn
16
vulnerability VCID-a3yc-fxa1-gfhy
17
vulnerability VCID-ab5z-bqka-xudb
18
vulnerability VCID-ade4-h51n-3bap
19
vulnerability VCID-ajga-3b99-yugh
20
vulnerability VCID-axxx-gpfn-mqc9
21
vulnerability VCID-bdcq-z11u-zyh5
22
vulnerability VCID-bmqt-5ybj-kuf6
23
vulnerability VCID-c3vp-kc9a-vkhn
24
vulnerability VCID-cdgj-bdpy-ukak
25
vulnerability VCID-cg3k-vmk4-5kdb
26
vulnerability VCID-dx5f-g875-5bct
27
vulnerability VCID-eddc-w9wx-c3gq
28
vulnerability VCID-enkd-4y44-4ueq
29
vulnerability VCID-ete7-tupf-63c9
30
vulnerability VCID-fpb7-5pwu-tyg5
31
vulnerability VCID-fyxa-vzeq-ubeq
32
vulnerability VCID-hgkh-tcdc-ufd5
33
vulnerability VCID-j6ze-f76y-cqgy
34
vulnerability VCID-k7bb-y315-4qb6
35
vulnerability VCID-kak1-btjp-kqgz
36
vulnerability VCID-kdyk-rrrr-pufw
37
vulnerability VCID-kqk7-mdnd-hfc7
38
vulnerability VCID-krjm-ygks-wyct
39
vulnerability VCID-kvhv-9fj5-7kgk
40
vulnerability VCID-kw9p-5fbc-hudg
41
vulnerability VCID-kxa8-dmva-ayff
42
vulnerability VCID-nt4w-m7ak-4bbx
43
vulnerability VCID-p2kq-rkh6-ayeu
44
vulnerability VCID-p52e-s67u-eya7
45
vulnerability VCID-pq29-qe7h-tkcp
46
vulnerability VCID-qm38-1cwk-b3hq
47
vulnerability VCID-tc2y-zrea-vyb2
48
vulnerability VCID-tm1s-2m92-uyh9
49
vulnerability VCID-tzmx-hfk2-7ufr
50
vulnerability VCID-u49v-31sv-eqc3
51
vulnerability VCID-vtva-utdn-jkce
52
vulnerability VCID-wrnm-d19b-hqby
53
vulnerability VCID-ya8k-c5s5-47gx
54
vulnerability VCID-yuer-yn1w-q3gw
55
vulnerability VCID-z7fk-zbvh-quew
56
vulnerability VCID-zxmh-xcvd-53fe
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.1-rc1
5
url pkg:composer/silverstripe/framework@3.4.1-rc2
purl pkg:composer/silverstripe/framework@3.4.1-rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2f9j-ek3x-kbc5
1
vulnerability VCID-2rbk-47h6-d7d8
2
vulnerability VCID-3ydp-barm-5ya1
3
vulnerability VCID-414d-7bfm-kud7
4
vulnerability VCID-4f9c-aun4-wfep
5
vulnerability VCID-4fez-w6cm-rkf5
6
vulnerability VCID-4x32-t75c-u3bj
7
vulnerability VCID-5pkg-j4wg-7fcn
8
vulnerability VCID-6du5-hdvd-fueb
9
vulnerability VCID-6epx-c68d-d7bv
10
vulnerability VCID-6yv4-xevb-v7b2
11
vulnerability VCID-7dk3-gcup-2kc9
12
vulnerability VCID-86yd-4mkt-hydr
13
vulnerability VCID-8am6-aeny-ffej
14
vulnerability VCID-8zj1-kn8e-kbbn
15
vulnerability VCID-a3yc-fxa1-gfhy
16
vulnerability VCID-ab5z-bqka-xudb
17
vulnerability VCID-ade4-h51n-3bap
18
vulnerability VCID-ajga-3b99-yugh
19
vulnerability VCID-axxx-gpfn-mqc9
20
vulnerability VCID-bdcq-z11u-zyh5
21
vulnerability VCID-bmqt-5ybj-kuf6
22
vulnerability VCID-c3vp-kc9a-vkhn
23
vulnerability VCID-cdgj-bdpy-ukak
24
vulnerability VCID-cg3k-vmk4-5kdb
25
vulnerability VCID-eddc-w9wx-c3gq
26
vulnerability VCID-enkd-4y44-4ueq
27
vulnerability VCID-ete7-tupf-63c9
28
vulnerability VCID-fpb7-5pwu-tyg5
29
vulnerability VCID-fyxa-vzeq-ubeq
30
vulnerability VCID-j6ze-f76y-cqgy
31
vulnerability VCID-kak1-btjp-kqgz
32
vulnerability VCID-kdyk-rrrr-pufw
33
vulnerability VCID-kqk7-mdnd-hfc7
34
vulnerability VCID-krjm-ygks-wyct
35
vulnerability VCID-kvhv-9fj5-7kgk
36
vulnerability VCID-kw9p-5fbc-hudg
37
vulnerability VCID-kxa8-dmva-ayff
38
vulnerability VCID-nt4w-m7ak-4bbx
39
vulnerability VCID-p2kq-rkh6-ayeu
40
vulnerability VCID-pq29-qe7h-tkcp
41
vulnerability VCID-qm38-1cwk-b3hq
42
vulnerability VCID-tc2y-zrea-vyb2
43
vulnerability VCID-tm1s-2m92-uyh9
44
vulnerability VCID-tzmx-hfk2-7ufr
45
vulnerability VCID-u49v-31sv-eqc3
46
vulnerability VCID-ya8k-c5s5-47gx
47
vulnerability VCID-yuer-yn1w-q3gw
48
vulnerability VCID-z7fk-zbvh-quew
49
vulnerability VCID-zxmh-xcvd-53fe
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.4.1-rc2
References
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2016-007-1.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2016-007-1.yaml
1
reference_url https://github.com/silverstripe/silverstripe-framework
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework
2
reference_url https://github.com/silverstripe/silverstripe-framework/commit/3fa84cf0c64a539d78600c36364817a8e38411d8
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/3fa84cf0c64a539d78600c36364817a8e38411d8
3
reference_url https://github.com/silverstripe/silverstripe-framework/commit/41be95c95a55031412ee4056aeee5c2c69595836
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/silverstripe/silverstripe-framework/commit/41be95c95a55031412ee4056aeee5c2c69595836
4
reference_url https://www.silverstripe.org/download/security-releases/ss-2016-007
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.silverstripe.org/download/security-releases/ss-2016-007
5
reference_url https://github.com/advisories/GHSA-mpqj-f4v3-334h
reference_id GHSA-mpqj-f4v3-334h
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mpqj-f4v3-334h
Weaknesses
0
cwe_id 79
name Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-4fez-w6cm-rkf5