Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-sfyd-qn7r-eqdg
Summary
Silverstripe CMS Open Redirect
Open redirect vulnerability in SilverStripe CMS & Framework 3.1.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnURL parameter to dev/build.
Aliases
0
alias CVE-2015-5062
1
alias GHSA-fh35-p8ph-p545
Fixed_packages
Affected_packages
0
url pkg:composer/silverstripe/cms@3.1.13
purl pkg:composer/silverstripe/cms@3.1.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2c84-9xxd-pub2
1
vulnerability VCID-5cd5-kmjz-h7bv
2
vulnerability VCID-efqa-bbj4-zyhd
3
vulnerability VCID-sfyd-qn7r-eqdg
4
vulnerability VCID-wdcz-6vpn-ffd8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/cms@3.1.13
1
url pkg:composer/silverstripe/framework@3.1.13
purl pkg:composer/silverstripe/framework@3.1.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1uhv-fetz-j7fd
1
vulnerability VCID-36z3-nafq-6kez
2
vulnerability VCID-3x46-q9cb-7ubg
3
vulnerability VCID-4n9x-x4kd-jyfu
4
vulnerability VCID-7ek4-6y31-1qcs
5
vulnerability VCID-at1s-qxsg-5yfs
6
vulnerability VCID-b7xq-cz8w-ubgm
7
vulnerability VCID-b95v-49p7-fkas
8
vulnerability VCID-c437-w2zy-y7c9
9
vulnerability VCID-c6bz-jwhm-vkgp
10
vulnerability VCID-evh4-xq48-4fa6
11
vulnerability VCID-ewg1-jqza-eyez
12
vulnerability VCID-ggbg-8mtc-hudc
13
vulnerability VCID-gkkp-9fm7-jfaz
14
vulnerability VCID-h4k6-fruf-uqff
15
vulnerability VCID-hnhv-qx7p-wqcw
16
vulnerability VCID-hnme-cqff-c7dp
17
vulnerability VCID-m5rs-qptc-vued
18
vulnerability VCID-nu3h-nb1g-67bs
19
vulnerability VCID-q939-fszs-wfdp
20
vulnerability VCID-qdwg-f2bx-1bay
21
vulnerability VCID-rrmd-ud59-ffbp
22
vulnerability VCID-sfyd-qn7r-eqdg
23
vulnerability VCID-t81f-5b8z-hyht
24
vulnerability VCID-twrb-6j51-aqcy
25
vulnerability VCID-vatm-1vbd-bfam
26
vulnerability VCID-yfuu-th6b-nba4
27
vulnerability VCID-z28b-1yrx-1bbn
28
vulnerability VCID-zckr-zxq4-jyev
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.13
References
0
reference_url http://hyp3rlinx.altervista.org/advisories/AS-SILVERSTRIPE0607.txt
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://hyp3rlinx.altervista.org/advisories/AS-SILVERSTRIPE0607.txt
1
reference_url http://packetstormsecurity.com/files/132223/SilverStripe-CMS-3.1.13-XSS-Open-Redirect.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/132223/SilverStripe-CMS-3.1.13-XSS-Open-Redirect.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5062
reference_id
reference_type
scores
0
value 0.00347
scoring_system epss
scoring_elements 0.57558
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5062
3
reference_url https://web.archive.org/web/20200228091958/http://www.securityfocus.com/bid/75419
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228091958/http://www.securityfocus.com/bid/75419
4
reference_url https://web.archive.org/web/20201209000421/http://www.securityfocus.com/archive/1/535716/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201209000421/http://www.securityfocus.com/archive/1/535716/100/0/threaded
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5062
reference_id CVE-2015-5062
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5062
6
reference_url https://github.com/advisories/GHSA-fh35-p8ph-p545
reference_id GHSA-fh35-p8ph-p545
reference_type
scores
url https://github.com/advisories/GHSA-fh35-p8ph-p545
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 601
name URL Redirection to Untrusted Site ('Open Redirect')
description A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-sfyd-qn7r-eqdg