Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-t5xa-hsz5-mbh5
Summary
Drupal Cross-Site Scripting vulnerability
A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display.
Aliases
0
alias CVE-2011-2714
1
alias GHSA-qp8q-gwf5-hqh2
Fixed_packages
0
url pkg:composer/drupal/core@8.0.0
purl pkg:composer/drupal/core@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-2ctt-zm9j-17bx
2
vulnerability VCID-349d-w26k-mqfw
3
vulnerability VCID-381m-cmnk-ykef
4
vulnerability VCID-3fka-y25d-m7a3
5
vulnerability VCID-3hf4-tvxn-zyh4
6
vulnerability VCID-3sr6-86jw-6fb9
7
vulnerability VCID-48ut-ykkc-83fx
8
vulnerability VCID-4aer-46u2-23f6
9
vulnerability VCID-4wwt-vt76-dbe1
10
vulnerability VCID-53h1-sj47-gugn
11
vulnerability VCID-565p-mgqe-gkfc
12
vulnerability VCID-5kh7-v1uc-wfha
13
vulnerability VCID-636u-5bdw-puh4
14
vulnerability VCID-6ck5-9e5b-w3ay
15
vulnerability VCID-6m8x-cfzp-tkf4
16
vulnerability VCID-77zc-1gc8-r7b7
17
vulnerability VCID-7fs3-gwc7-nkes
18
vulnerability VCID-9f24-vqyt-r7dq
19
vulnerability VCID-9ss3-mvt3-8bem
20
vulnerability VCID-9vdz-1jpq-kue3
21
vulnerability VCID-9wt5-xe6d-n3cb
22
vulnerability VCID-b4yh-gyrx-3yhh
23
vulnerability VCID-bbzr-hbhv-yyee
24
vulnerability VCID-bkxp-gn34-67av
25
vulnerability VCID-c9dm-17vt-4bbc
26
vulnerability VCID-cucx-jfqf-pkd1
27
vulnerability VCID-cuk6-hskr-yyau
28
vulnerability VCID-d4qd-ut89-gbf4
29
vulnerability VCID-dgjq-y5zj-cud1
30
vulnerability VCID-djgn-ezxp-37eu
31
vulnerability VCID-dqf8-ea9f-yber
32
vulnerability VCID-ed6y-c9tz-mbds
33
vulnerability VCID-en3b-g3f3-a3e3
34
vulnerability VCID-fm5k-u7s6-wfhb
35
vulnerability VCID-fwbj-ctxz-2bc6
36
vulnerability VCID-g1rp-twzp-63e1
37
vulnerability VCID-g33x-1paw-7udm
38
vulnerability VCID-ga35-289v-vqhr
39
vulnerability VCID-gzcu-sbks-wyfa
40
vulnerability VCID-h6yp-zj5e-zkbm
41
vulnerability VCID-hgb1-xrne-e7c8
42
vulnerability VCID-hpsp-5qtj-v7dq
43
vulnerability VCID-hwnd-nuv7-jqbh
44
vulnerability VCID-hzr8-ttbu-ebhg
45
vulnerability VCID-j21d-w3g7-cbcg
46
vulnerability VCID-jctf-yffu-hbag
47
vulnerability VCID-jnu7-1j9c-dqck
48
vulnerability VCID-jrb8-jnz4-83c8
49
vulnerability VCID-k1gx-nznx-7qd6
50
vulnerability VCID-kam1-84p4-qych
51
vulnerability VCID-kdnk-7mz5-7ugf
52
vulnerability VCID-krhy-kg1b-rfbk
53
vulnerability VCID-kwe1-gm4m-tkgf
54
vulnerability VCID-m1ur-bb9m-m7d5
55
vulnerability VCID-mapb-hsvc-2khc
56
vulnerability VCID-mt37-qzh7-gyfv
57
vulnerability VCID-n119-gta2-kfg1
58
vulnerability VCID-n7un-zgqv-jfef
59
vulnerability VCID-nc36-atc6-yua6
60
vulnerability VCID-nd8n-5dsu-2fbp
61
vulnerability VCID-qvbt-7e55-4bg4
62
vulnerability VCID-rhj7-dy7q-jkhw
63
vulnerability VCID-rr4q-f5cv-nkah
64
vulnerability VCID-s8u8-xbdk-87dj
65
vulnerability VCID-sktb-khbq-cuaq
66
vulnerability VCID-ssyn-dxp9-3kdq
67
vulnerability VCID-st6v-ch5g-r7h2
68
vulnerability VCID-syrg-ckq7-cbd6
69
vulnerability VCID-u1xx-aazv-bkg5
70
vulnerability VCID-u4w3-usvb-jyf6
71
vulnerability VCID-u5wt-ndvn-3ffg
72
vulnerability VCID-ummk-h11z-bkaj
73
vulnerability VCID-uqcw-p8g2-cfd2
74
vulnerability VCID-v9v6-ae3e-g3hk
75
vulnerability VCID-vevm-4sfk-f7gq
76
vulnerability VCID-vrdx-165p-efda
77
vulnerability VCID-vy1y-zkf3-4ue4
78
vulnerability VCID-w6cz-mg4v-3udj
79
vulnerability VCID-wabj-ty5p-pfd6
80
vulnerability VCID-wbuz-qcp3-43aq
81
vulnerability VCID-ww44-hb2y-mfd5
82
vulnerability VCID-wwvq-399y-rfhc
83
vulnerability VCID-wzgs-fr3u-cbdn
84
vulnerability VCID-x2as-f9fx-9kff
85
vulnerability VCID-xumx-m3zz-jkh6
86
vulnerability VCID-y74s-ghyc-2bhs
87
vulnerability VCID-yare-57j9-j7cs
88
vulnerability VCID-ymka-jfep-87gt
89
vulnerability VCID-yrzt-3m97-53ce
90
vulnerability VCID-yty5-zn46-r3dj
91
vulnerability VCID-zawz-vky5-tkgt
92
vulnerability VCID-zvtp-4we3-qygx
93
vulnerability VCID-zw3u-6ue7-efdf
94
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.0.0
1
url pkg:composer/drupal/drupal@8.0.0
purl pkg:composer/drupal/drupal@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-2ctt-zm9j-17bx
2
vulnerability VCID-349d-w26k-mqfw
3
vulnerability VCID-381m-cmnk-ykef
4
vulnerability VCID-3fka-y25d-m7a3
5
vulnerability VCID-3hf4-tvxn-zyh4
6
vulnerability VCID-48ut-ykkc-83fx
7
vulnerability VCID-4aer-46u2-23f6
8
vulnerability VCID-4wwt-vt76-dbe1
9
vulnerability VCID-53h1-sj47-gugn
10
vulnerability VCID-565p-mgqe-gkfc
11
vulnerability VCID-5tqs-qmqn-gug5
12
vulnerability VCID-636u-5bdw-puh4
13
vulnerability VCID-6ck5-9e5b-w3ay
14
vulnerability VCID-6m8x-cfzp-tkf4
15
vulnerability VCID-8nda-kjr2-ufd4
16
vulnerability VCID-9f24-vqyt-r7dq
17
vulnerability VCID-9vdz-1jpq-kue3
18
vulnerability VCID-9wt5-xe6d-n3cb
19
vulnerability VCID-bbzr-hbhv-yyee
20
vulnerability VCID-c9dm-17vt-4bbc
21
vulnerability VCID-cucx-jfqf-pkd1
22
vulnerability VCID-d4qd-ut89-gbf4
23
vulnerability VCID-dgjq-y5zj-cud1
24
vulnerability VCID-djgn-ezxp-37eu
25
vulnerability VCID-en3b-g3f3-a3e3
26
vulnerability VCID-fm5k-u7s6-wfhb
27
vulnerability VCID-g1rp-twzp-63e1
28
vulnerability VCID-ga35-289v-vqhr
29
vulnerability VCID-gzcu-sbks-wyfa
30
vulnerability VCID-h6yp-zj5e-zkbm
31
vulnerability VCID-hzr8-ttbu-ebhg
32
vulnerability VCID-jfq8-xxwa-mkd1
33
vulnerability VCID-jnu7-1j9c-dqck
34
vulnerability VCID-k1gx-nznx-7qd6
35
vulnerability VCID-kh51-g4cv-tqaw
36
vulnerability VCID-krhy-kg1b-rfbk
37
vulnerability VCID-mapb-hsvc-2khc
38
vulnerability VCID-mt37-qzh7-gyfv
39
vulnerability VCID-n119-gta2-kfg1
40
vulnerability VCID-n7un-zgqv-jfef
41
vulnerability VCID-nc36-atc6-yua6
42
vulnerability VCID-nd8n-5dsu-2fbp
43
vulnerability VCID-pk74-yy1n-8qck
44
vulnerability VCID-r8pv-9upr-y7gd
45
vulnerability VCID-rhj7-dy7q-jkhw
46
vulnerability VCID-rr4q-f5cv-nkah
47
vulnerability VCID-s8u8-xbdk-87dj
48
vulnerability VCID-s9kv-9qfu-gbdq
49
vulnerability VCID-sktb-khbq-cuaq
50
vulnerability VCID-ssyn-dxp9-3kdq
51
vulnerability VCID-t84c-8r34-57b9
52
vulnerability VCID-tk6t-srar-h7a8
53
vulnerability VCID-ty3y-k9t2-qyba
54
vulnerability VCID-u1xx-aazv-bkg5
55
vulnerability VCID-u4w3-usvb-jyf6
56
vulnerability VCID-u5wt-ndvn-3ffg
57
vulnerability VCID-uqcw-p8g2-cfd2
58
vulnerability VCID-utyg-huhu-2ucq
59
vulnerability VCID-vevm-4sfk-f7gq
60
vulnerability VCID-vq5y-hdw3-nucj
61
vulnerability VCID-vy1y-zkf3-4ue4
62
vulnerability VCID-w3q4-838v-97ck
63
vulnerability VCID-wbuz-qcp3-43aq
64
vulnerability VCID-wbvy-zrtk-audw
65
vulnerability VCID-we42-mkyk-hfer
66
vulnerability VCID-ww44-hb2y-mfd5
67
vulnerability VCID-wwvq-399y-rfhc
68
vulnerability VCID-xumx-m3zz-jkh6
69
vulnerability VCID-y74s-ghyc-2bhs
70
vulnerability VCID-yare-57j9-j7cs
71
vulnerability VCID-ymka-jfep-87gt
72
vulnerability VCID-yrzt-3m97-53ce
73
vulnerability VCID-yty5-zn46-r3dj
74
vulnerability VCID-zawz-vky5-tkgt
75
vulnerability VCID-zvtp-4we3-qygx
76
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.0
Affected_packages
0
url pkg:composer/drupal/core@6.20.0
purl pkg:composer/drupal/core@6.20.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8b29-85h4-zkhc
1
vulnerability VCID-t5xa-hsz5-mbh5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@6.20.0
1
url pkg:composer/drupal/drupal@6.20.0
purl pkg:composer/drupal/drupal@6.20.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8b29-85h4-zkhc
1
vulnerability VCID-t5xa-hsz5-mbh5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@6.20.0
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2714
reference_id
reference_type
scores
0
value 0.00528
scoring_system epss
scoring_elements 0.67062
published_at 2026-04-01T12:55:00Z
1
value 0.00528
scoring_system epss
scoring_elements 0.67168
published_at 2026-04-16T12:55:00Z
2
value 0.00528
scoring_system epss
scoring_elements 0.67134
published_at 2026-04-13T12:55:00Z
3
value 0.00528
scoring_system epss
scoring_elements 0.67165
published_at 2026-04-12T12:55:00Z
4
value 0.00528
scoring_system epss
scoring_elements 0.67179
published_at 2026-04-11T12:55:00Z
5
value 0.00528
scoring_system epss
scoring_elements 0.6716
published_at 2026-04-09T12:55:00Z
6
value 0.00528
scoring_system epss
scoring_elements 0.67147
published_at 2026-04-08T12:55:00Z
7
value 0.00528
scoring_system epss
scoring_elements 0.67097
published_at 2026-04-07T12:55:00Z
8
value 0.00528
scoring_system epss
scoring_elements 0.67123
published_at 2026-04-04T12:55:00Z
9
value 0.00528
scoring_system epss
scoring_elements 0.67099
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2714
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-2714
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-2714
3
reference_url https://seclists.org/fulldisclosure/2011/Feb/219
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://seclists.org/fulldisclosure/2011/Feb/219
4
reference_url https://www.drupal.org/node/1056470
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/node/1056470
5
reference_url https://www.openwall.com/lists/oss-security/2011/07/26/8
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2011/07/26/8
6
reference_url https://github.com/advisories/GHSA-qp8q-gwf5-hqh2
reference_id GHSA-qp8q-gwf5-hqh2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qp8q-gwf5-hqh2
Weaknesses
0
cwe_id 79
name Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
1
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-t5xa-hsz5-mbh5