Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-5du4-1bus-huhv

Summary

Duplicate Advisory: Wildfly HAL Console Cross-Site Scripting
# Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-jhvj-f397-8w6q. This link is maintained to preserve external references.

# Original Description
A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups “SuperUser”, “Admin”, or “Maintainer”.

Aliases

alias	GHSA-5wjw-h8x5-v65m

Fixed_packages

url pkg:maven/org.jboss.hal/hal-console@3.7.8.Final

purl pkg:maven/org.jboss.hal/hal-console@3.7.8.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.7.8.Final

Affected_packages

url pkg:maven/org.jboss.hal/hal-console@3.5.0.Final

purl pkg:maven/org.jboss.hal/hal-console@3.5.0.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.5.0.Final

url pkg:maven/org.jboss.hal/hal-console@3.5.1.Final

purl pkg:maven/org.jboss.hal/hal-console@3.5.1.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.5.1.Final

url pkg:maven/org.jboss.hal/hal-console@3.5.2.Final

purl pkg:maven/org.jboss.hal/hal-console@3.5.2.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.5.2.Final

url pkg:maven/org.jboss.hal/hal-console@3.5.3.Final

purl pkg:maven/org.jboss.hal/hal-console@3.5.3.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.5.3.Final

url pkg:maven/org.jboss.hal/hal-console@3.5.4.Final

purl pkg:maven/org.jboss.hal/hal-console@3.5.4.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.5.4.Final

url pkg:maven/org.jboss.hal/hal-console@3.5.5.Final

purl pkg:maven/org.jboss.hal/hal-console@3.5.5.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.5.5.Final

url pkg:maven/org.jboss.hal/hal-console@3.5.6.Final

purl pkg:maven/org.jboss.hal/hal-console@3.5.6.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.5.6.Final

url pkg:maven/org.jboss.hal/hal-console@3.5.7.Final

purl pkg:maven/org.jboss.hal/hal-console@3.5.7.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.5.7.Final

url pkg:maven/org.jboss.hal/hal-console@3.5.8.Final

purl pkg:maven/org.jboss.hal/hal-console@3.5.8.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.5.8.Final

url pkg:maven/org.jboss.hal/hal-console@3.5.9.Final

purl pkg:maven/org.jboss.hal/hal-console@3.5.9.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.5.9.Final

url pkg:maven/org.jboss.hal/hal-console@3.5.10.Final

purl pkg:maven/org.jboss.hal/hal-console@3.5.10.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.5.10.Final

url pkg:maven/org.jboss.hal/hal-console@3.5.11.Final

purl pkg:maven/org.jboss.hal/hal-console@3.5.11.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.5.11.Final

url pkg:maven/org.jboss.hal/hal-console@3.5.12.Final

purl pkg:maven/org.jboss.hal/hal-console@3.5.12.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.5.12.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.0.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.0.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.0.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.1.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.1.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.1.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.2.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.2.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.2.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.3.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.3.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.3.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.4.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.4.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.4.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.5.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.5.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.5.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.6.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.6.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.6.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.7.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.7.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.7.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.8.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.8.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.8.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.9.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.9.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.9.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.10.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.10.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.10.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.11.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.11.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.11.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.12.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.12.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.12.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.13.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.13.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.13.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.14.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.14.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.14.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.15.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.15.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.15.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.16.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.16.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.16.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.17.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.17.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.17.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.18.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.18.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.18.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.19.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.19.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.19.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.20.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.20.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.20.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.21.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.21.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.21.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.22.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.22.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.22.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.23.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.23.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.23.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.24.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.24.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.24.Final

url pkg:maven/org.jboss.hal/hal-console@3.6.27.Final

purl pkg:maven/org.jboss.hal/hal-console@3.6.27.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.6.27.Final

url pkg:maven/org.jboss.hal/hal-console@3.7.0.Final

purl pkg:maven/org.jboss.hal/hal-console@3.7.0.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.7.0.Final

url pkg:maven/org.jboss.hal/hal-console@3.7.4.Final

purl pkg:maven/org.jboss.hal/hal-console@3.7.4.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.7.4.Final

url pkg:maven/org.jboss.hal/hal-console@3.7.5.Final

purl pkg:maven/org.jboss.hal/hal-console@3.7.5.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.7.5.Final

url pkg:maven/org.jboss.hal/hal-console@3.7.6.Final

purl pkg:maven/org.jboss.hal/hal-console@3.7.6.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-gkqy-w15q-jud2

vulnerability	VCID-w155-te58-v3fy

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.7.6.Final

url pkg:maven/org.jboss.hal/hal-console@3.7.7.Final

purl pkg:maven/org.jboss.hal/hal-console@3.7.7.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5du4-1bus-huhv

vulnerability	VCID-8ew2-s4a9-u7cu

vulnerability	VCID-zufu-x8dx-xygs

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.hal/hal-console@3.7.7.Final

References

reference_url

https://access.redhat.com/errata/RHSA-2025:10924

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2025:10924

reference_url

https://access.redhat.com/errata/RHSA-2025:10925

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2025:10925

reference_url

https://access.redhat.com/errata/RHSA-2025:10926

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2025:10926

reference_url

https://access.redhat.com/security/cve/CVE-2025-23366

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2025-23366

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2337619

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=2337619

reference_url

https://github.com/hal/console

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/hal/console

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-23366

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-23366

reference_url

https://github.com/advisories/GHSA-5wjw-h8x5-v65m

reference_id

GHSA-5wjw-h8x5-v65m

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5wjw-h8x5-v65m

Weaknesses

cwe_id	79
name	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description	The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 4.0 - 6.9

Exploitability 0.5

Weighted_severity 6.2

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5du4-1bus-huhv

Vulnerability Instance