Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-s4j2-ppgk-sfh9
Summary
Cross-Site Request Forgery (CSRF)
The link to reset all templates of a database activity does not include the necessary token to prevent a CSRF risk.
Aliases
0
alias CVE-2023-28335
1
alias GHSA-wxmq-v9gx-75pg
Fixed_packages
0
url pkg:composer/moodle/moodle@4.1.2
purl pkg:composer/moodle/moodle@4.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17k8-g4xw-b7g9
1
vulnerability VCID-1efm-18zh-w7gm
2
vulnerability VCID-1wup-hjxg-f7g4
3
vulnerability VCID-1wzm-dhqv-43bj
4
vulnerability VCID-21mq-pewz-ekdt
5
vulnerability VCID-24bp-c9yc-gua4
6
vulnerability VCID-29mv-feyq-guew
7
vulnerability VCID-2urf-d2qr-abdy
8
vulnerability VCID-2wsu-7rzh-h7cs
9
vulnerability VCID-3nu2-1cwj-sfdd
10
vulnerability VCID-3nvq-s7y5-fufr
11
vulnerability VCID-3yre-ft3n-2fd3
12
vulnerability VCID-44zf-1dw7-qkf5
13
vulnerability VCID-4c9d-jf9g-u3gn
14
vulnerability VCID-4svp-grnb-2fh3
15
vulnerability VCID-4zvp-nmrk-4qbq
16
vulnerability VCID-5ba5-pee7-6kh1
17
vulnerability VCID-5s33-v19s-sqd6
18
vulnerability VCID-5snb-dyv3-efe9
19
vulnerability VCID-5xhb-mx3v-fuhs
20
vulnerability VCID-61ry-zz34-8qhj
21
vulnerability VCID-657g-68tv-dkam
22
vulnerability VCID-6726-ca8y-4uez
23
vulnerability VCID-6cvg-r9am-wbh5
24
vulnerability VCID-6p1s-2r14-z7ax
25
vulnerability VCID-7p54-yn8k-aydw
26
vulnerability VCID-7rqc-eepq-43ds
27
vulnerability VCID-7trf-g8dq-tua1
28
vulnerability VCID-7x6e-qege-ufdv
29
vulnerability VCID-893t-9cja-43g2
30
vulnerability VCID-8d9n-ejbb-7fa1
31
vulnerability VCID-8uah-srba-6ubb
32
vulnerability VCID-9rqr-xzr8-5fgf
33
vulnerability VCID-9xk9-qb9x-jfcs
34
vulnerability VCID-a1ek-x154-5ydy
35
vulnerability VCID-ajrr-8392-kkcw
36
vulnerability VCID-b3vw-8hzh-dybx
37
vulnerability VCID-d8gp-tuxy-3qdf
38
vulnerability VCID-d92c-j4yy-fud3
39
vulnerability VCID-dky9-v96e-pubh
40
vulnerability VCID-dp61-6ban-cyda
41
vulnerability VCID-evef-t6cx-vqcc
42
vulnerability VCID-f1da-1duc-2uhb
43
vulnerability VCID-ffp4-23na-rkgr
44
vulnerability VCID-g3km-hbas-x3cg
45
vulnerability VCID-gepg-y7ud-cuds
46
vulnerability VCID-gwnb-e3gt-kqcb
47
vulnerability VCID-gycn-bey2-4yam
48
vulnerability VCID-gzdw-424p-mqfa
49
vulnerability VCID-hmuw-bjax-37bz
50
vulnerability VCID-hsk6-h5ky-g3cx
51
vulnerability VCID-hufb-p6pa-63c9
52
vulnerability VCID-j3ts-5ghc-4qct
53
vulnerability VCID-jarn-rtuz-wucq
54
vulnerability VCID-jfsu-ya7r-h3e1
55
vulnerability VCID-jkyc-esnt-p3ay
56
vulnerability VCID-m2a7-q28u-1yfw
57
vulnerability VCID-m3jj-r66a-d7cv
58
vulnerability VCID-m9tk-fa8m-zbah
59
vulnerability VCID-mhh7-n7ut-hkh6
60
vulnerability VCID-mnx8-118d-efcr
61
vulnerability VCID-ms4e-v5zc-9kgc
62
vulnerability VCID-ngar-aydn-eye4
63
vulnerability VCID-pd2f-4kxt-bkgp
64
vulnerability VCID-pged-191y-quhm
65
vulnerability VCID-qabh-bpmn-1ye5
66
vulnerability VCID-qan2-5dd9-myhg
67
vulnerability VCID-qruy-fs4p-43h1
68
vulnerability VCID-r1ug-e8x6-83gt
69
vulnerability VCID-r4m3-9prr-dkby
70
vulnerability VCID-r5w9-cbyk-hqc6
71
vulnerability VCID-rm2q-xde7-a3ej
72
vulnerability VCID-s7pu-hgz5-zfbq
73
vulnerability VCID-sdxf-f1b3-t3cc
74
vulnerability VCID-sgdq-5ha7-nfh2
75
vulnerability VCID-t8vm-tfnq-5kak
76
vulnerability VCID-team-9wba-yufc
77
vulnerability VCID-tgs8-3n7x-cyc1
78
vulnerability VCID-ueyy-v42v-7ydh
79
vulnerability VCID-umd1-pmr4-4bgs
80
vulnerability VCID-utsj-g57g-cbeb
81
vulnerability VCID-vsrk-zp7j-w7bk
82
vulnerability VCID-vve8-f9s9-v7ft
83
vulnerability VCID-wby4-h9ud-1yh5
84
vulnerability VCID-wwny-t2ez-y3e1
85
vulnerability VCID-wwx4-ns21-k3hd
86
vulnerability VCID-wytb-bryq-yqb4
87
vulnerability VCID-x1pc-1kuc-kug2
88
vulnerability VCID-y4g2-328f-qbge
89
vulnerability VCID-yby1-g45r-rugg
90
vulnerability VCID-yc6t-am1p-x3ev
91
vulnerability VCID-ykj6-ptd4-7qfs
92
vulnerability VCID-ytd5-2swj-wkh1
93
vulnerability VCID-z5u9-5522-h7fx
94
vulnerability VCID-zjqu-hbpf-9qe1
95
vulnerability VCID-zrjj-atms-8uf9
96
vulnerability VCID-ztjp-76rp-hfhk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.2
Affected_packages
0
url pkg:composer/moodle/moodle@4.1.0
purl pkg:composer/moodle/moodle@4.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17k8-g4xw-b7g9
1
vulnerability VCID-1efm-18zh-w7gm
2
vulnerability VCID-1wup-hjxg-f7g4
3
vulnerability VCID-1wzm-dhqv-43bj
4
vulnerability VCID-21mq-pewz-ekdt
5
vulnerability VCID-24bp-c9yc-gua4
6
vulnerability VCID-29mv-feyq-guew
7
vulnerability VCID-2urf-d2qr-abdy
8
vulnerability VCID-2wsu-7rzh-h7cs
9
vulnerability VCID-2z6d-qf96-kyb4
10
vulnerability VCID-33ss-gb34-8ke5
11
vulnerability VCID-3ept-fdps-5fe5
12
vulnerability VCID-3nu2-1cwj-sfdd
13
vulnerability VCID-3nvq-s7y5-fufr
14
vulnerability VCID-3yre-ft3n-2fd3
15
vulnerability VCID-44zf-1dw7-qkf5
16
vulnerability VCID-4c9d-jf9g-u3gn
17
vulnerability VCID-4svp-grnb-2fh3
18
vulnerability VCID-4zvp-nmrk-4qbq
19
vulnerability VCID-5ba5-pee7-6kh1
20
vulnerability VCID-5bfe-hk7m-7bh6
21
vulnerability VCID-5q1e-b4e8-jbc8
22
vulnerability VCID-5rk8-v6bb-6ugh
23
vulnerability VCID-5s33-v19s-sqd6
24
vulnerability VCID-5snb-dyv3-efe9
25
vulnerability VCID-5xhb-mx3v-fuhs
26
vulnerability VCID-61ry-zz34-8qhj
27
vulnerability VCID-657g-68tv-dkam
28
vulnerability VCID-6726-ca8y-4uez
29
vulnerability VCID-6cvg-r9am-wbh5
30
vulnerability VCID-6p1s-2r14-z7ax
31
vulnerability VCID-7p54-yn8k-aydw
32
vulnerability VCID-7rqc-eepq-43ds
33
vulnerability VCID-7trf-g8dq-tua1
34
vulnerability VCID-7x6e-qege-ufdv
35
vulnerability VCID-893t-9cja-43g2
36
vulnerability VCID-8d9n-ejbb-7fa1
37
vulnerability VCID-8uah-srba-6ubb
38
vulnerability VCID-9rqr-xzr8-5fgf
39
vulnerability VCID-9xk9-qb9x-jfcs
40
vulnerability VCID-a1ek-x154-5ydy
41
vulnerability VCID-ajrr-8392-kkcw
42
vulnerability VCID-b3vw-8hzh-dybx
43
vulnerability VCID-b994-r5mw-3fbg
44
vulnerability VCID-cbzx-gnhr-pfap
45
vulnerability VCID-d8gp-tuxy-3qdf
46
vulnerability VCID-d92c-j4yy-fud3
47
vulnerability VCID-dky9-v96e-pubh
48
vulnerability VCID-dp61-6ban-cyda
49
vulnerability VCID-dvrf-62nt-2kdp
50
vulnerability VCID-evef-t6cx-vqcc
51
vulnerability VCID-f1da-1duc-2uhb
52
vulnerability VCID-ffp4-23na-rkgr
53
vulnerability VCID-g3km-hbas-x3cg
54
vulnerability VCID-gepg-y7ud-cuds
55
vulnerability VCID-gwnb-e3gt-kqcb
56
vulnerability VCID-gycn-bey2-4yam
57
vulnerability VCID-gzdw-424p-mqfa
58
vulnerability VCID-hmuw-bjax-37bz
59
vulnerability VCID-hsk6-h5ky-g3cx
60
vulnerability VCID-hufb-p6pa-63c9
61
vulnerability VCID-j3ts-5ghc-4qct
62
vulnerability VCID-jarn-rtuz-wucq
63
vulnerability VCID-jfsu-ya7r-h3e1
64
vulnerability VCID-jkyc-esnt-p3ay
65
vulnerability VCID-m2a7-q28u-1yfw
66
vulnerability VCID-m3jj-r66a-d7cv
67
vulnerability VCID-m9tk-fa8m-zbah
68
vulnerability VCID-mhh7-n7ut-hkh6
69
vulnerability VCID-mnx8-118d-efcr
70
vulnerability VCID-ms4e-v5zc-9kgc
71
vulnerability VCID-ngar-aydn-eye4
72
vulnerability VCID-pd2f-4kxt-bkgp
73
vulnerability VCID-pged-191y-quhm
74
vulnerability VCID-qabh-bpmn-1ye5
75
vulnerability VCID-qan2-5dd9-myhg
76
vulnerability VCID-qruy-fs4p-43h1
77
vulnerability VCID-r1ug-e8x6-83gt
78
vulnerability VCID-r4m3-9prr-dkby
79
vulnerability VCID-r5w9-cbyk-hqc6
80
vulnerability VCID-rm2q-xde7-a3ej
81
vulnerability VCID-s4j2-ppgk-sfh9
82
vulnerability VCID-s7pu-hgz5-zfbq
83
vulnerability VCID-sdxf-f1b3-t3cc
84
vulnerability VCID-sgdq-5ha7-nfh2
85
vulnerability VCID-sz1m-v8wf-nqgx
86
vulnerability VCID-t8vm-tfnq-5kak
87
vulnerability VCID-team-9wba-yufc
88
vulnerability VCID-tgs8-3n7x-cyc1
89
vulnerability VCID-ueyy-v42v-7ydh
90
vulnerability VCID-umd1-pmr4-4bgs
91
vulnerability VCID-utsj-g57g-cbeb
92
vulnerability VCID-vsrk-zp7j-w7bk
93
vulnerability VCID-vve8-f9s9-v7ft
94
vulnerability VCID-wby4-h9ud-1yh5
95
vulnerability VCID-wwny-t2ez-y3e1
96
vulnerability VCID-wwx4-ns21-k3hd
97
vulnerability VCID-wytb-bryq-yqb4
98
vulnerability VCID-x1pc-1kuc-kug2
99
vulnerability VCID-y4g2-328f-qbge
100
vulnerability VCID-yby1-g45r-rugg
101
vulnerability VCID-yc6t-am1p-x3ev
102
vulnerability VCID-ykj6-ptd4-7qfs
103
vulnerability VCID-ytd5-2swj-wkh1
104
vulnerability VCID-yxag-fghx-47ej
105
vulnerability VCID-z5u9-5522-h7fx
106
vulnerability VCID-zjqu-hbpf-9qe1
107
vulnerability VCID-zrjj-atms-8uf9
108
vulnerability VCID-ztjp-76rp-hfhk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.0
1
url pkg:composer/moodle/moodle@4.1.1
purl pkg:composer/moodle/moodle@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17k8-g4xw-b7g9
1
vulnerability VCID-1efm-18zh-w7gm
2
vulnerability VCID-1wup-hjxg-f7g4
3
vulnerability VCID-1wzm-dhqv-43bj
4
vulnerability VCID-21mq-pewz-ekdt
5
vulnerability VCID-24bp-c9yc-gua4
6
vulnerability VCID-29mv-feyq-guew
7
vulnerability VCID-2urf-d2qr-abdy
8
vulnerability VCID-2wsu-7rzh-h7cs
9
vulnerability VCID-2z6d-qf96-kyb4
10
vulnerability VCID-3ept-fdps-5fe5
11
vulnerability VCID-3nu2-1cwj-sfdd
12
vulnerability VCID-3nvq-s7y5-fufr
13
vulnerability VCID-3yre-ft3n-2fd3
14
vulnerability VCID-44zf-1dw7-qkf5
15
vulnerability VCID-4c9d-jf9g-u3gn
16
vulnerability VCID-4svp-grnb-2fh3
17
vulnerability VCID-4zvp-nmrk-4qbq
18
vulnerability VCID-5ba5-pee7-6kh1
19
vulnerability VCID-5bfe-hk7m-7bh6
20
vulnerability VCID-5q1e-b4e8-jbc8
21
vulnerability VCID-5s33-v19s-sqd6
22
vulnerability VCID-5snb-dyv3-efe9
23
vulnerability VCID-5xhb-mx3v-fuhs
24
vulnerability VCID-61ry-zz34-8qhj
25
vulnerability VCID-657g-68tv-dkam
26
vulnerability VCID-6726-ca8y-4uez
27
vulnerability VCID-6cvg-r9am-wbh5
28
vulnerability VCID-6p1s-2r14-z7ax
29
vulnerability VCID-7p54-yn8k-aydw
30
vulnerability VCID-7rqc-eepq-43ds
31
vulnerability VCID-7trf-g8dq-tua1
32
vulnerability VCID-7x6e-qege-ufdv
33
vulnerability VCID-893t-9cja-43g2
34
vulnerability VCID-8d9n-ejbb-7fa1
35
vulnerability VCID-8uah-srba-6ubb
36
vulnerability VCID-9rqr-xzr8-5fgf
37
vulnerability VCID-9xk9-qb9x-jfcs
38
vulnerability VCID-a1ek-x154-5ydy
39
vulnerability VCID-ajrr-8392-kkcw
40
vulnerability VCID-b3vw-8hzh-dybx
41
vulnerability VCID-b994-r5mw-3fbg
42
vulnerability VCID-cbzx-gnhr-pfap
43
vulnerability VCID-d8gp-tuxy-3qdf
44
vulnerability VCID-d92c-j4yy-fud3
45
vulnerability VCID-dky9-v96e-pubh
46
vulnerability VCID-dp61-6ban-cyda
47
vulnerability VCID-dvrf-62nt-2kdp
48
vulnerability VCID-evef-t6cx-vqcc
49
vulnerability VCID-f1da-1duc-2uhb
50
vulnerability VCID-ffp4-23na-rkgr
51
vulnerability VCID-g3km-hbas-x3cg
52
vulnerability VCID-gepg-y7ud-cuds
53
vulnerability VCID-gwnb-e3gt-kqcb
54
vulnerability VCID-gycn-bey2-4yam
55
vulnerability VCID-gzdw-424p-mqfa
56
vulnerability VCID-hmuw-bjax-37bz
57
vulnerability VCID-hsk6-h5ky-g3cx
58
vulnerability VCID-hufb-p6pa-63c9
59
vulnerability VCID-j3ts-5ghc-4qct
60
vulnerability VCID-jarn-rtuz-wucq
61
vulnerability VCID-jfsu-ya7r-h3e1
62
vulnerability VCID-jkyc-esnt-p3ay
63
vulnerability VCID-m2a7-q28u-1yfw
64
vulnerability VCID-m3jj-r66a-d7cv
65
vulnerability VCID-m9tk-fa8m-zbah
66
vulnerability VCID-mhh7-n7ut-hkh6
67
vulnerability VCID-mnx8-118d-efcr
68
vulnerability VCID-ms4e-v5zc-9kgc
69
vulnerability VCID-ngar-aydn-eye4
70
vulnerability VCID-pd2f-4kxt-bkgp
71
vulnerability VCID-pged-191y-quhm
72
vulnerability VCID-qabh-bpmn-1ye5
73
vulnerability VCID-qan2-5dd9-myhg
74
vulnerability VCID-qruy-fs4p-43h1
75
vulnerability VCID-r1ug-e8x6-83gt
76
vulnerability VCID-r4m3-9prr-dkby
77
vulnerability VCID-r5w9-cbyk-hqc6
78
vulnerability VCID-rm2q-xde7-a3ej
79
vulnerability VCID-s4j2-ppgk-sfh9
80
vulnerability VCID-s7pu-hgz5-zfbq
81
vulnerability VCID-sdxf-f1b3-t3cc
82
vulnerability VCID-sgdq-5ha7-nfh2
83
vulnerability VCID-t8vm-tfnq-5kak
84
vulnerability VCID-team-9wba-yufc
85
vulnerability VCID-tgs8-3n7x-cyc1
86
vulnerability VCID-ueyy-v42v-7ydh
87
vulnerability VCID-umd1-pmr4-4bgs
88
vulnerability VCID-utsj-g57g-cbeb
89
vulnerability VCID-vsrk-zp7j-w7bk
90
vulnerability VCID-vve8-f9s9-v7ft
91
vulnerability VCID-wby4-h9ud-1yh5
92
vulnerability VCID-wwny-t2ez-y3e1
93
vulnerability VCID-wwx4-ns21-k3hd
94
vulnerability VCID-wytb-bryq-yqb4
95
vulnerability VCID-x1pc-1kuc-kug2
96
vulnerability VCID-y4g2-328f-qbge
97
vulnerability VCID-yby1-g45r-rugg
98
vulnerability VCID-yc6t-am1p-x3ev
99
vulnerability VCID-ykj6-ptd4-7qfs
100
vulnerability VCID-ytd5-2swj-wkh1
101
vulnerability VCID-yxag-fghx-47ej
102
vulnerability VCID-z5u9-5522-h7fx
103
vulnerability VCID-zjqu-hbpf-9qe1
104
vulnerability VCID-zrjj-atms-8uf9
105
vulnerability VCID-ztjp-76rp-hfhk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.1
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-28335
reference_id
reference_type
scores
0
value 0.0037
scoring_system epss
scoring_elements 0.59208
published_at 2026-06-06T12:55:00Z
1
value 0.0037
scoring_system epss
scoring_elements 0.592
published_at 2026-06-07T12:55:00Z
2
value 0.0037
scoring_system epss
scoring_elements 0.59203
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-28335
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2179424
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T15:02:59Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2179424
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/355556c05f4a6d9e223164eff820cd34eb70cc35
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/355556c05f4a6d9e223164eff820cd34eb70cc35
4
reference_url https://git.moodle.org/gw?p=moodle.git;a=commitdiff;h=355556c05f4a6d9e223164eff820cd34eb70cc35
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.moodle.org/gw?p=moodle.git;a=commitdiff;h=355556c05f4a6d9e223164eff820cd34eb70cc35
5
reference_url https://moodle.org/mod/forum/discuss.php?d=445067
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T15:02:59Z/
url https://moodle.org/mod/forum/discuss.php?d=445067
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-28335
reference_id CVE-2023-28335
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-28335
7
reference_url https://github.com/advisories/GHSA-wxmq-v9gx-75pg
reference_id GHSA-wxmq-v9gx-75pg
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wxmq-v9gx-75pg
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 352
name Cross-Site Request Forgery (CSRF)
description The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score7.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-s4j2-ppgk-sfh9