Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-jtky-62am-k7hz

Summary

Cross-site Scripting
TYPO3 Fluid is vulnerable to Cross-Site Scripting. Three XSS vulnerabilities have been detected in Fluid - `TagBasedViewHelper` allowed XSS through maliciously crafted additionalAttributes arrays by creating keys with attribute-closing quotes followed by HTML. When rendering such attributes, `TagBuilder` would not escape the keys. `ViewHelpers` which used the `CompileWithContentArgumentAndRenderStatic` trait, and which declared escapeOutput = false, would receive the content argument in unescaped format. Subclasses of `AbstractConditionViewHelper` would receive the then and else arguments in unescaped format. More details are available in the linked advisory.

Aliases

alias	CVE-2020-26216

alias	GHSA-hpjm-3ww5-6cpf

Fixed_packages

url	pkg:composer/typo3fluid/fluid@2.0.8
purl	pkg:composer/typo3fluid/fluid@2.0.8
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.0.8

url	pkg:composer/typo3fluid/fluid@2.1.7
purl	pkg:composer/typo3fluid/fluid@2.1.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.1.7

url	pkg:composer/typo3fluid/fluid@2.2.4
purl	pkg:composer/typo3fluid/fluid@2.2.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.2.4

url	pkg:composer/typo3fluid/fluid@2.3.7
purl	pkg:composer/typo3fluid/fluid@2.3.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.3.7

url	pkg:composer/typo3fluid/fluid@2.4.4
purl	pkg:composer/typo3fluid/fluid@2.4.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.4.4

url	pkg:composer/typo3fluid/fluid@2.5.11
purl	pkg:composer/typo3fluid/fluid@2.5.11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.5.11

url	pkg:composer/typo3fluid/fluid@2.6.10
purl	pkg:composer/typo3fluid/fluid@2.6.10
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.6.10

Affected_packages

url pkg:composer/typo3fluid/fluid@1.0.0

purl pkg:composer/typo3fluid/fluid@1.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@1.0.0

url pkg:composer/typo3fluid/fluid@1.0.1

purl pkg:composer/typo3fluid/fluid@1.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@1.0.1

url pkg:composer/typo3fluid/fluid@1.0.2

purl pkg:composer/typo3fluid/fluid@1.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@1.0.2

url pkg:composer/typo3fluid/fluid@1.0.3

purl pkg:composer/typo3fluid/fluid@1.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@1.0.3

url pkg:composer/typo3fluid/fluid@1.0.4

purl pkg:composer/typo3fluid/fluid@1.0.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@1.0.4

url pkg:composer/typo3fluid/fluid@1.0.5

purl pkg:composer/typo3fluid/fluid@1.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@1.0.5

url pkg:composer/typo3fluid/fluid@1.0.6

purl pkg:composer/typo3fluid/fluid@1.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@1.0.6

url pkg:composer/typo3fluid/fluid@1.0.7

purl pkg:composer/typo3fluid/fluid@1.0.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@1.0.7

url pkg:composer/typo3fluid/fluid@1.0.8

purl pkg:composer/typo3fluid/fluid@1.0.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@1.0.8

url pkg:composer/typo3fluid/fluid@1.0.9

purl pkg:composer/typo3fluid/fluid@1.0.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@1.0.9

url pkg:composer/typo3fluid/fluid@1.0.10

purl pkg:composer/typo3fluid/fluid@1.0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@1.0.10

url pkg:composer/typo3fluid/fluid@1.0.11

purl pkg:composer/typo3fluid/fluid@1.0.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@1.0.11

url pkg:composer/typo3fluid/fluid@1.1.0

purl pkg:composer/typo3fluid/fluid@1.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@1.1.0

url pkg:composer/typo3fluid/fluid@1.1.1

purl pkg:composer/typo3fluid/fluid@1.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@1.1.1

url pkg:composer/typo3fluid/fluid@1.1.2

purl pkg:composer/typo3fluid/fluid@1.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@1.1.2

url pkg:composer/typo3fluid/fluid@2.0.0

purl pkg:composer/typo3fluid/fluid@2.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.0.0

url pkg:composer/typo3fluid/fluid@2.0.1

purl pkg:composer/typo3fluid/fluid@2.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.0.1

url pkg:composer/typo3fluid/fluid@2.0.2

purl pkg:composer/typo3fluid/fluid@2.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.0.2

url pkg:composer/typo3fluid/fluid@2.0.3

purl pkg:composer/typo3fluid/fluid@2.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.0.3

url pkg:composer/typo3fluid/fluid@2.0.4

purl pkg:composer/typo3fluid/fluid@2.0.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.0.4

url pkg:composer/typo3fluid/fluid@2.0.5

purl pkg:composer/typo3fluid/fluid@2.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.0.5

url pkg:composer/typo3fluid/fluid@2.0.6

purl pkg:composer/typo3fluid/fluid@2.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.0.6

url pkg:composer/typo3fluid/fluid@2.0.7

purl pkg:composer/typo3fluid/fluid@2.0.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.0.7

url pkg:composer/typo3fluid/fluid@2.1.0

purl pkg:composer/typo3fluid/fluid@2.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.1.0

url pkg:composer/typo3fluid/fluid@2.1.1

purl pkg:composer/typo3fluid/fluid@2.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.1.1

url pkg:composer/typo3fluid/fluid@2.1.2

purl pkg:composer/typo3fluid/fluid@2.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.1.2

url pkg:composer/typo3fluid/fluid@2.1.3

purl pkg:composer/typo3fluid/fluid@2.1.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.1.3

url pkg:composer/typo3fluid/fluid@2.1.4

purl pkg:composer/typo3fluid/fluid@2.1.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.1.4

url pkg:composer/typo3fluid/fluid@2.1.5

purl pkg:composer/typo3fluid/fluid@2.1.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.1.5

url pkg:composer/typo3fluid/fluid@2.1.6

purl pkg:composer/typo3fluid/fluid@2.1.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.1.6

url pkg:composer/typo3fluid/fluid@2.2.0

purl pkg:composer/typo3fluid/fluid@2.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.2.0

url pkg:composer/typo3fluid/fluid@2.2.1

purl pkg:composer/typo3fluid/fluid@2.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.2.1

url pkg:composer/typo3fluid/fluid@2.2.2

purl pkg:composer/typo3fluid/fluid@2.2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.2.2

url pkg:composer/typo3fluid/fluid@2.2.3

purl pkg:composer/typo3fluid/fluid@2.2.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.2.3

url pkg:composer/typo3fluid/fluid@2.3.0

purl pkg:composer/typo3fluid/fluid@2.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.3.0

url pkg:composer/typo3fluid/fluid@2.3.1

purl pkg:composer/typo3fluid/fluid@2.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.3.1

url pkg:composer/typo3fluid/fluid@2.3.2

purl pkg:composer/typo3fluid/fluid@2.3.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.3.2

url pkg:composer/typo3fluid/fluid@2.3.3

purl pkg:composer/typo3fluid/fluid@2.3.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.3.3

url pkg:composer/typo3fluid/fluid@2.3.4

purl pkg:composer/typo3fluid/fluid@2.3.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.3.4

url pkg:composer/typo3fluid/fluid@2.3.5

purl pkg:composer/typo3fluid/fluid@2.3.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.3.5

url pkg:composer/typo3fluid/fluid@2.3.6

purl pkg:composer/typo3fluid/fluid@2.3.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.3.6

url pkg:composer/typo3fluid/fluid@2.4.0

purl pkg:composer/typo3fluid/fluid@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.4.0

url pkg:composer/typo3fluid/fluid@2.4.1

purl pkg:composer/typo3fluid/fluid@2.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.4.1

url pkg:composer/typo3fluid/fluid@2.4.2

purl pkg:composer/typo3fluid/fluid@2.4.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.4.2

url pkg:composer/typo3fluid/fluid@2.4.3

purl pkg:composer/typo3fluid/fluid@2.4.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.4.3

url pkg:composer/typo3fluid/fluid@2.5.0

purl pkg:composer/typo3fluid/fluid@2.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.5.0

url pkg:composer/typo3fluid/fluid@2.5.1

purl pkg:composer/typo3fluid/fluid@2.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.5.1

url pkg:composer/typo3fluid/fluid@2.5.2

purl pkg:composer/typo3fluid/fluid@2.5.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.5.2

url pkg:composer/typo3fluid/fluid@2.5.3

purl pkg:composer/typo3fluid/fluid@2.5.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.5.3

url pkg:composer/typo3fluid/fluid@2.5.4

purl pkg:composer/typo3fluid/fluid@2.5.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.5.4

url pkg:composer/typo3fluid/fluid@2.5.5

purl pkg:composer/typo3fluid/fluid@2.5.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.5.5

url pkg:composer/typo3fluid/fluid@2.5.6

purl pkg:composer/typo3fluid/fluid@2.5.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.5.6

url pkg:composer/typo3fluid/fluid@2.5.7

purl pkg:composer/typo3fluid/fluid@2.5.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.5.7

url pkg:composer/typo3fluid/fluid@2.5.8

purl pkg:composer/typo3fluid/fluid@2.5.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.5.8

url pkg:composer/typo3fluid/fluid@2.5.9

purl pkg:composer/typo3fluid/fluid@2.5.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.5.9

url pkg:composer/typo3fluid/fluid@2.5.10

purl pkg:composer/typo3fluid/fluid@2.5.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.5.10

url pkg:composer/typo3fluid/fluid@2.6.0

purl pkg:composer/typo3fluid/fluid@2.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cbmm-1b2k-8qaz

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.6.0

url pkg:composer/typo3fluid/fluid@2.6.1

purl pkg:composer/typo3fluid/fluid@2.6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.6.1

url pkg:composer/typo3fluid/fluid@2.6.2

purl pkg:composer/typo3fluid/fluid@2.6.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.6.2

url pkg:composer/typo3fluid/fluid@2.6.3

purl pkg:composer/typo3fluid/fluid@2.6.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.6.3

url pkg:composer/typo3fluid/fluid@2.6.4

purl pkg:composer/typo3fluid/fluid@2.6.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.6.4

url pkg:composer/typo3fluid/fluid@2.6.5

purl pkg:composer/typo3fluid/fluid@2.6.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.6.5

url pkg:composer/typo3fluid/fluid@2.6.6

purl pkg:composer/typo3fluid/fluid@2.6.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.6.6

url pkg:composer/typo3fluid/fluid@2.6.7

purl pkg:composer/typo3fluid/fluid@2.6.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.6.7

url pkg:composer/typo3fluid/fluid@2.6.8

purl pkg:composer/typo3fluid/fluid@2.6.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.6.8

url pkg:composer/typo3fluid/fluid@2.6.9

purl pkg:composer/typo3fluid/fluid@2.6.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jtky-62am-k7hz

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3fluid/fluid@2.6.9

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-26216

reference_id

reference_type

scores

value	0.00583
scoring_system	epss
scoring_elements	0.69376
published_at	2026-06-04T12:55:00Z

value	0.00583
scoring_system	epss
scoring_elements	0.69402
published_at	2026-06-08T12:55:00Z

value	0.00583
scoring_system	epss
scoring_elements	0.69414
published_at	2026-06-07T12:55:00Z

value	0.00583
scoring_system	epss
scoring_elements	0.69424
published_at	2026-06-06T12:55:00Z

value	0.00583
scoring_system	epss
scoring_elements	0.69416
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-26216

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3fluid/fluid/CVE-2020-26216.yaml

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3fluid/fluid/CVE-2020-26216.yaml

reference_url

https://github.com/TYPO3/Fluid/commit/f20db4e74cf9803c6cffca2ed2f03e1b0b89d0dc

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/TYPO3/Fluid/commit/f20db4e74cf9803c6cffca2ed2f03e1b0b89d0dc

reference_url

https://github.com/TYPO3/Fluid/security/advisories/GHSA-hpjm-3ww5-6cpf

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/TYPO3/Fluid/security/advisories/GHSA-hpjm-3ww5-6cpf

reference_url

https://typo3.org/security/advisory/typo3-core-sa-2020-009

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://typo3.org/security/advisory/typo3-core-sa-2020-009

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-26216

reference_id

CVE-2020-26216

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-26216

reference_url

https://github.com/advisories/GHSA-hpjm-3ww5-6cpf

reference_id

GHSA-hpjm-3ww5-6cpf

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hpjm-3ww5-6cpf

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	79
name	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description	The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

Severity_range_score 7.0 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jtky-62am-k7hz

Vulnerability Instance