Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-hdqc-q22s-3yfe
Summary
Cross-site Scripting
Cross-site scripting vulnerability in the baserCMS Blog plugin allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
Aliases
0
alias CVE-2016-4880
1
alias GHSA-mxfv-c8p8-qw5h
Fixed_packages
0
url pkg:composer/baserproject/basercms@3.0.10.1
purl pkg:composer/baserproject/basercms@3.0.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1q79-sxzp-zker
1
vulnerability VCID-2u6y-aj6t-7fb1
2
vulnerability VCID-3new-f12y-8bf9
3
vulnerability VCID-4zw8-truk-pugf
4
vulnerability VCID-5ay3-1t5g-vycu
5
vulnerability VCID-6trr-5deb-yydm
6
vulnerability VCID-7x3n-4c2b-nfbx
7
vulnerability VCID-891u-x525-ykbb
8
vulnerability VCID-8buz-nsr9-3yge
9
vulnerability VCID-8ssu-umet-37bk
10
vulnerability VCID-9mf7-56fh-fyfk
11
vulnerability VCID-ays7-6wvh-augt
12
vulnerability VCID-d1sf-cmct-zbh1
13
vulnerability VCID-d5gk-q2hh-kba5
14
vulnerability VCID-e4xa-jm9u-nked
15
vulnerability VCID-eq7f-n3g5-s3hu
16
vulnerability VCID-ffq1-r9ck-1bhp
17
vulnerability VCID-g56w-z9cx-5ygv
18
vulnerability VCID-ga9u-uv9b-tydr
19
vulnerability VCID-ggv8-3v9t-mfea
20
vulnerability VCID-gsg3-fdmu-vqag
21
vulnerability VCID-guvm-x5jc-mfgc
22
vulnerability VCID-hpk4-a6tr-3ffe
23
vulnerability VCID-j37y-gws9-ake9
24
vulnerability VCID-jby7-s5ez-dqb3
25
vulnerability VCID-k575-suuf-7bhf
26
vulnerability VCID-k5qv-4yp3-zbgf
27
vulnerability VCID-khft-xvrw-g3dr
28
vulnerability VCID-kmpp-6j49-pqfz
29
vulnerability VCID-mfm9-gsh3-ubg8
30
vulnerability VCID-nxrf-64er-xbfx
31
vulnerability VCID-p695-t9ye-v3ga
32
vulnerability VCID-p6nr-eu91-53b4
33
vulnerability VCID-pd8c-9d7z-zkhg
34
vulnerability VCID-r4jc-22rq-d3cb
35
vulnerability VCID-sqr4-v889-tff8
36
vulnerability VCID-u16w-rbuk-ybfs
37
vulnerability VCID-uedz-j2vn-cbea
38
vulnerability VCID-vqx2-hzju-r7et
39
vulnerability VCID-xpsb-2yux-g3cf
40
vulnerability VCID-y2sz-c6vb-pkdp
41
vulnerability VCID-y9f3-k7xk-rucf
42
vulnerability VCID-yesf-qxgy-3ygx
43
vulnerability VCID-zqd4-rdem-jfgk
44
vulnerability VCID-zsgc-fnen-b7a6
45
vulnerability VCID-zy68-bur9-1fck
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.10.1
1
url pkg:composer/baserproject/basercms@3.0.11
purl pkg:composer/baserproject/basercms@3.0.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1q79-sxzp-zker
1
vulnerability VCID-2u6y-aj6t-7fb1
2
vulnerability VCID-3new-f12y-8bf9
3
vulnerability VCID-4zw8-truk-pugf
4
vulnerability VCID-5ay3-1t5g-vycu
5
vulnerability VCID-6trr-5deb-yydm
6
vulnerability VCID-7x3n-4c2b-nfbx
7
vulnerability VCID-891u-x525-ykbb
8
vulnerability VCID-8buz-nsr9-3yge
9
vulnerability VCID-8ssu-umet-37bk
10
vulnerability VCID-9mf7-56fh-fyfk
11
vulnerability VCID-ays7-6wvh-augt
12
vulnerability VCID-d1sf-cmct-zbh1
13
vulnerability VCID-d5gk-q2hh-kba5
14
vulnerability VCID-e4xa-jm9u-nked
15
vulnerability VCID-eq7f-n3g5-s3hu
16
vulnerability VCID-ffq1-r9ck-1bhp
17
vulnerability VCID-g56w-z9cx-5ygv
18
vulnerability VCID-ga9u-uv9b-tydr
19
vulnerability VCID-ggv8-3v9t-mfea
20
vulnerability VCID-gsg3-fdmu-vqag
21
vulnerability VCID-guvm-x5jc-mfgc
22
vulnerability VCID-hpk4-a6tr-3ffe
23
vulnerability VCID-j37y-gws9-ake9
24
vulnerability VCID-jby7-s5ez-dqb3
25
vulnerability VCID-k575-suuf-7bhf
26
vulnerability VCID-k5qv-4yp3-zbgf
27
vulnerability VCID-khft-xvrw-g3dr
28
vulnerability VCID-kmpp-6j49-pqfz
29
vulnerability VCID-mfm9-gsh3-ubg8
30
vulnerability VCID-nxrf-64er-xbfx
31
vulnerability VCID-p695-t9ye-v3ga
32
vulnerability VCID-p6nr-eu91-53b4
33
vulnerability VCID-pd8c-9d7z-zkhg
34
vulnerability VCID-r4jc-22rq-d3cb
35
vulnerability VCID-sqr4-v889-tff8
36
vulnerability VCID-u16w-rbuk-ybfs
37
vulnerability VCID-uedz-j2vn-cbea
38
vulnerability VCID-vqx2-hzju-r7et
39
vulnerability VCID-xpsb-2yux-g3cf
40
vulnerability VCID-y2sz-c6vb-pkdp
41
vulnerability VCID-y9f3-k7xk-rucf
42
vulnerability VCID-yesf-qxgy-3ygx
43
vulnerability VCID-zqd4-rdem-jfgk
44
vulnerability VCID-zsgc-fnen-b7a6
45
vulnerability VCID-zy68-bur9-1fck
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.11
Affected_packages
0
url pkg:composer/baserproject/basercms@3.0.10
purl pkg:composer/baserproject/basercms@3.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1q79-sxzp-zker
1
vulnerability VCID-2u6y-aj6t-7fb1
2
vulnerability VCID-3new-f12y-8bf9
3
vulnerability VCID-4zw8-truk-pugf
4
vulnerability VCID-5ay3-1t5g-vycu
5
vulnerability VCID-6trr-5deb-yydm
6
vulnerability VCID-7x3n-4c2b-nfbx
7
vulnerability VCID-891u-x525-ykbb
8
vulnerability VCID-8buz-nsr9-3yge
9
vulnerability VCID-8ssu-umet-37bk
10
vulnerability VCID-9mf7-56fh-fyfk
11
vulnerability VCID-ays7-6wvh-augt
12
vulnerability VCID-d1sf-cmct-zbh1
13
vulnerability VCID-d5gk-q2hh-kba5
14
vulnerability VCID-e4xa-jm9u-nked
15
vulnerability VCID-eq7f-n3g5-s3hu
16
vulnerability VCID-erav-4pk1-wfhc
17
vulnerability VCID-ffq1-r9ck-1bhp
18
vulnerability VCID-g56w-z9cx-5ygv
19
vulnerability VCID-ga9u-uv9b-tydr
20
vulnerability VCID-ggv8-3v9t-mfea
21
vulnerability VCID-gsg3-fdmu-vqag
22
vulnerability VCID-guvm-x5jc-mfgc
23
vulnerability VCID-hdqc-q22s-3yfe
24
vulnerability VCID-hpk4-a6tr-3ffe
25
vulnerability VCID-j37y-gws9-ake9
26
vulnerability VCID-jby7-s5ez-dqb3
27
vulnerability VCID-k575-suuf-7bhf
28
vulnerability VCID-k5qv-4yp3-zbgf
29
vulnerability VCID-khft-xvrw-g3dr
30
vulnerability VCID-kmpp-6j49-pqfz
31
vulnerability VCID-m4g1-p7z3-mydw
32
vulnerability VCID-mfm9-gsh3-ubg8
33
vulnerability VCID-nxrf-64er-xbfx
34
vulnerability VCID-p695-t9ye-v3ga
35
vulnerability VCID-p6nr-eu91-53b4
36
vulnerability VCID-pd8c-9d7z-zkhg
37
vulnerability VCID-r4jc-22rq-d3cb
38
vulnerability VCID-sqr4-v889-tff8
39
vulnerability VCID-u16w-rbuk-ybfs
40
vulnerability VCID-uedz-j2vn-cbea
41
vulnerability VCID-vqx2-hzju-r7et
42
vulnerability VCID-xpsb-2yux-g3cf
43
vulnerability VCID-y2sz-c6vb-pkdp
44
vulnerability VCID-y9f3-k7xk-rucf
45
vulnerability VCID-ydh5-rg6c-t7gx
46
vulnerability VCID-yesf-qxgy-3ygx
47
vulnerability VCID-zqd4-rdem-jfgk
48
vulnerability VCID-zsgc-fnen-b7a6
49
vulnerability VCID-zy68-bur9-1fck
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.10
References
0
reference_url http://basercms.net/security/JVN92765814
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://basercms.net/security/JVN92765814
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4880
reference_id
reference_type
scores
0
value 0.00235
scoring_system epss
scoring_elements 0.46602
published_at 2026-06-08T12:55:00Z
1
value 0.00235
scoring_system epss
scoring_elements 0.46581
published_at 2026-06-04T12:55:00Z
2
value 0.00235
scoring_system epss
scoring_elements 0.46647
published_at 2026-06-05T12:55:00Z
3
value 0.00235
scoring_system epss
scoring_elements 0.4665
published_at 2026-06-06T12:55:00Z
4
value 0.00235
scoring_system epss
scoring_elements 0.4663
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4880
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://jvn.jp/en/jp/JVN92765814/index.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jvn.jp/en/jp/JVN92765814/index.html
4
reference_url https://web.archive.org/web/20210308130052/http://www.securityfocus.com/bid/93217
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210308130052/http://www.securityfocus.com/bid/93217
5
reference_url http://www.securityfocus.com/bid/93217
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/93217
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4880
reference_id CVE-2016-4880
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-4880
7
reference_url https://github.com/advisories/GHSA-mxfv-c8p8-qw5h
reference_id GHSA-mxfv-c8p8-qw5h
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mxfv-c8p8-qw5h
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 79
name Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-hdqc-q22s-3yfe