Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-a1g9-pyz5-9fca

Summary

Cross-site Scripting
TYPO3 contains a cross-site scripting vulnerability. When _Page TSconfig_ settings are not properly encoded, corresponding page preview module (`_Web>View_`) is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. TYPO3 contain a patch for this issue.

Aliases

alias	CVE-2021-32667

alias	GHSA-8mq9-fqv8-59wf

Fixed_packages

url pkg:composer/typo3/cms@10.4.18

purl pkg:composer/typo3/cms@10.4.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rhr-8vaz-hqfj

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.18

url pkg:composer/typo3/cms@11.3.1

purl pkg:composer/typo3/cms@11.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rhr-8vaz-hqfj

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.3.1

url pkg:composer/typo3/cms-core@10.4.18

purl pkg:composer/typo3/cms-core@10.4.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rhr-8vaz-hqfj

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.18

url pkg:composer/typo3/cms-core@11.3.1

purl pkg:composer/typo3/cms-core@11.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rhr-8vaz-hqfj

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.1

Affected_packages

url pkg:composer/typo3/cms@9.0.0

purl pkg:composer/typo3/cms@9.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rhr-8vaz-hqfj

vulnerability	VCID-3ugj-6m1e-e3hr

vulnerability	VCID-3ye6-vqje-abh4

vulnerability	VCID-4eym-e6vt-8fbs

vulnerability	VCID-4jck-w9ct-budk

vulnerability	VCID-7ch1-q9f4-a7bt

vulnerability	VCID-7m6u-k5tp-gkhy

vulnerability	VCID-7xv1-78u7-xufp

vulnerability	VCID-953t-q1cr-zyd6

vulnerability	VCID-9adx-p876-kyb5

vulnerability	VCID-a1g9-pyz5-9fca

vulnerability	VCID-abjx-8v46-d7d8

vulnerability	VCID-am6s-67bm-77dr

vulnerability	VCID-cvk2-93hm-gkhx

vulnerability	VCID-dsqm-9q3e-dudw

vulnerability	VCID-emqq-kwjg-3kfk

vulnerability	VCID-fut7-bb1f-37g7

vulnerability	VCID-hp99-ncuh-6ugv

vulnerability	VCID-j8hk-bqnb-gycp

vulnerability	VCID-je4q-svfw-hqda

vulnerability	VCID-jq5y-7h9g-mufa

vulnerability	VCID-k5t3-28es-h3ez

vulnerability	VCID-khpm-e1xb-hydb

vulnerability	VCID-njsj-bwjq-fyap

vulnerability	VCID-nney-azbc-pucg

vulnerability	VCID-pmvp-twk2-jqe4

vulnerability	VCID-qv14-m93d-jyd9

vulnerability	VCID-qxab-9uwr-yqhv

vulnerability	VCID-ru6w-m6q6-27gn

vulnerability	VCID-sdjb-gp4t-vbgt

vulnerability	VCID-sdsa-mh76-kqch

vulnerability	VCID-u259-2sxq-tbct

vulnerability	VCID-uq77-aax5-k7d8

vulnerability	VCID-vq15-t92r-5bhx

vulnerability	VCID-vw2r-g8yy-eyf4

vulnerability	VCID-w1wb-mq2y-dfca

vulnerability	VCID-x5x1-w7yv-eye9

vulnerability	VCID-y7ds-p5r2-yuhq

vulnerability	VCID-yz6t-ge1y-qfgr

vulnerability	VCID-zmwv-gwq3-fkej

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.0.0

url pkg:composer/typo3/cms@9.5.287

purl pkg:composer/typo3/cms@9.5.287

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a1g9-pyz5-9fca

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.287

url pkg:composer/typo3/cms@10.0.0

purl pkg:composer/typo3/cms@10.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rhr-8vaz-hqfj

vulnerability	VCID-6a22-c7x5-sqe2

vulnerability	VCID-a1g9-pyz5-9fca

vulnerability	VCID-j8hk-bqnb-gycp

vulnerability	VCID-sdjb-gp4t-vbgt

vulnerability	VCID-uq77-aax5-k7d8

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.0.0

url pkg:composer/typo3/cms@10.4.17

purl pkg:composer/typo3/cms@10.4.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a1g9-pyz5-9fca

vulnerability	VCID-j8hk-bqnb-gycp

vulnerability	VCID-sdjb-gp4t-vbgt

vulnerability	VCID-uq77-aax5-k7d8

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.17

url pkg:composer/typo3/cms@11.0.0

purl pkg:composer/typo3/cms@11.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rhr-8vaz-hqfj

vulnerability	VCID-6a22-c7x5-sqe2

vulnerability	VCID-a1g9-pyz5-9fca

vulnerability	VCID-fsx8-7qjz-2ubw

vulnerability	VCID-j8hk-bqnb-gycp

vulnerability	VCID-sdjb-gp4t-vbgt

vulnerability	VCID-uq77-aax5-k7d8

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.0.0

url pkg:composer/typo3/cms@11.3.0

purl pkg:composer/typo3/cms@11.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a1g9-pyz5-9fca

vulnerability	VCID-j8hk-bqnb-gycp

vulnerability	VCID-sdjb-gp4t-vbgt

vulnerability	VCID-uq77-aax5-k7d8

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.3.0

url pkg:composer/typo3/cms-core@9.0.0

purl pkg:composer/typo3/cms-core@9.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1knh-es99-dubw

vulnerability	VCID-1prg-c74k-37ec

vulnerability	VCID-23ss-xwrm-1qcu

vulnerability	VCID-2m67-xdxz-ryc2

vulnerability	VCID-2rhr-8vaz-hqfj

vulnerability	VCID-3hta-35zx-zuc4

vulnerability	VCID-6ffw-r4k7-5qf8

vulnerability	VCID-6q7t-kdrg-8qc3

vulnerability	VCID-6rgp-dzw1-kycx

vulnerability	VCID-7ch1-q9f4-a7bt

vulnerability	VCID-7r4g-gxc6-hubh

vulnerability	VCID-82ds-xda8-5ye4

vulnerability	VCID-8sek-v483-8ueu

vulnerability	VCID-a1g9-pyz5-9fca

vulnerability	VCID-bzqv-s7g3-wff9

vulnerability	VCID-cf9m-qdyj-eyav

vulnerability	VCID-cv9x-ea8e-pufu

vulnerability	VCID-daz8-j1ns-rkgt

vulnerability	VCID-e8ze-umec-a7hx

vulnerability	VCID-e9jc-8mpp-fkgh

vulnerability	VCID-efrn-3w2z-xyaf

vulnerability	VCID-hfcx-1kuh-p3ez

vulnerability	VCID-hnyk-614g-yuhy

vulnerability	VCID-j8hk-bqnb-gycp

vulnerability	VCID-k8r2-2ak8-qkak

vulnerability	VCID-n56h-zuzr-ruhf

vulnerability	VCID-nyw8-q5ef-2fcv

vulnerability	VCID-pwh8-c992-vqav

vulnerability	VCID-qr1u-kcn9-cuf6

vulnerability	VCID-qxab-9uwr-yqhv

vulnerability	VCID-sdjb-gp4t-vbgt

vulnerability	VCID-uaf3-fyst-u7gm

vulnerability	VCID-uncp-sa58-ufdd

vulnerability	VCID-uq77-aax5-k7d8

vulnerability	VCID-uua1-9rt1-dfbz

vulnerability	VCID-v7b1-x8hy-2kcg

vulnerability	VCID-w94g-xxea-23fb

vulnerability	VCID-wm4a-hcvt-vkbk

vulnerability	VCID-x5jb-yj3d-qbdf

vulnerability	VCID-y3zj-acc7-jkau

vulnerability	VCID-z2bk-m2kw-h3c9

vulnerability	VCID-zbm9-cx69-wqg3

vulnerability	VCID-zhcb-h8ph-7uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.0.0

url pkg:composer/typo3/cms-core@9.5.287

purl pkg:composer/typo3/cms-core@9.5.287

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a1g9-pyz5-9fca

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.287

url pkg:composer/typo3/cms-core@10.0.0

purl pkg:composer/typo3/cms-core@10.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rhr-8vaz-hqfj

vulnerability	VCID-3hta-35zx-zuc4

vulnerability	VCID-6a22-c7x5-sqe2

vulnerability	VCID-7r4g-gxc6-hubh

vulnerability	VCID-9tpm-8udy-c3cd

vulnerability	VCID-a1g9-pyz5-9fca

vulnerability	VCID-bzqv-s7g3-wff9

vulnerability	VCID-gxsd-4nd9-gqgn

vulnerability	VCID-j8hk-bqnb-gycp

vulnerability	VCID-sdjb-gp4t-vbgt

vulnerability	VCID-uq77-aax5-k7d8

vulnerability	VCID-uua1-9rt1-dfbz

vulnerability	VCID-w94g-xxea-23fb

vulnerability	VCID-y3zj-acc7-jkau

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.0.0

url pkg:composer/typo3/cms-core@10.4.17

purl pkg:composer/typo3/cms-core@10.4.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a1g9-pyz5-9fca

vulnerability	VCID-j8hk-bqnb-gycp

vulnerability	VCID-sdjb-gp4t-vbgt

vulnerability	VCID-uq77-aax5-k7d8

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.17

url pkg:composer/typo3/cms-core@11.0.0

purl pkg:composer/typo3/cms-core@11.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rhr-8vaz-hqfj

vulnerability	VCID-3hta-35zx-zuc4

vulnerability	VCID-6a22-c7x5-sqe2

vulnerability	VCID-7r4g-gxc6-hubh

vulnerability	VCID-9tpm-8udy-c3cd

vulnerability	VCID-a1g9-pyz5-9fca

vulnerability	VCID-bzqv-s7g3-wff9

vulnerability	VCID-fsx8-7qjz-2ubw

vulnerability	VCID-gxsd-4nd9-gqgn

vulnerability	VCID-j8hk-bqnb-gycp

vulnerability	VCID-sdjb-gp4t-vbgt

vulnerability	VCID-uq77-aax5-k7d8

vulnerability	VCID-uua1-9rt1-dfbz

vulnerability	VCID-w94g-xxea-23fb

vulnerability	VCID-y3zj-acc7-jkau

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.0.0

url pkg:composer/typo3/cms-core@11.3.0

purl pkg:composer/typo3/cms-core@11.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a1g9-pyz5-9fca

vulnerability	VCID-j8hk-bqnb-gycp

vulnerability	VCID-sdjb-gp4t-vbgt

vulnerability	VCID-uq77-aax5-k7d8

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.0

References

reference_url	https://typo3.org/security/advisory/typo3-core-sa-2021-009
reference_id
reference_type
scores
url	https://typo3.org/security/advisory/typo3-core-sa-2021-009

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-32667
reference_id	CVE-2021-32667
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-32667

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a1g9-pyz5-9fca

Vulnerability Instance