Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-gpv4-4tpd-tbaa
Summary
TYPO3 Cross-Site Scripting in Frontend User Login
Failing to properly encode user input, login status display is vulnerable to cross-site scripting in the website frontend. A valid user account is needed in order to exploit this vulnerability - either a backend user or a frontend user having the possibility to modify their user profile.

Template patterns that are affected are

- ###FEUSER_[fieldName]### using system extension felogin
- <!--###USERNAME###--> for regular frontend rendering (pattern can be defined individually using TypoScript setting config.USERNAME_substToken)
Aliases
0
alias GHSA-2rcw-9hrm-8q7q
Fixed_packages
0
url pkg:composer/typo3/cms@7.6.32
purl pkg:composer/typo3/cms@7.6.32
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ev4k-5k1d-2bhu
1
vulnerability VCID-fqkx-v8t5-q3h6
2
vulnerability VCID-jp1p-rfxa-hyd9
3
vulnerability VCID-p7gd-anw2-1qbz
4
vulnerability VCID-tgyt-axv1-c7ag
5
vulnerability VCID-xw1s-93bu-wuh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.32
1
url pkg:composer/typo3/cms@8.7.21
purl pkg:composer/typo3/cms@8.7.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-4eym-e6vt-8fbs
2
vulnerability VCID-7m6u-k5tp-gkhy
3
vulnerability VCID-848u-w88s-5bbe
4
vulnerability VCID-am6s-67bm-77dr
5
vulnerability VCID-bn3p-39sv-6fdg
6
vulnerability VCID-ev4k-5k1d-2bhu
7
vulnerability VCID-fqkx-v8t5-q3h6
8
vulnerability VCID-fut7-bb1f-37g7
9
vulnerability VCID-jp1p-rfxa-hyd9
10
vulnerability VCID-k5t3-28es-h3ez
11
vulnerability VCID-khpm-e1xb-hydb
12
vulnerability VCID-nney-azbc-pucg
13
vulnerability VCID-p7gd-anw2-1qbz
14
vulnerability VCID-pmvp-twk2-jqe4
15
vulnerability VCID-qv14-m93d-jyd9
16
vulnerability VCID-rqrw-t2kj-mud8
17
vulnerability VCID-ru6w-m6q6-27gn
18
vulnerability VCID-sdsa-mh76-kqch
19
vulnerability VCID-tgyt-axv1-c7ag
20
vulnerability VCID-u259-2sxq-tbct
21
vulnerability VCID-vw2r-g8yy-eyf4
22
vulnerability VCID-x5x1-w7yv-eye9
23
vulnerability VCID-xw1s-93bu-wuh9
24
vulnerability VCID-y7ds-p5r2-yuhq
25
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21
2
url pkg:composer/typo3/cms@9.5.2
purl pkg:composer/typo3/cms@9.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-3ye6-vqje-abh4
3
vulnerability VCID-4an7-9ph4-mkd4
4
vulnerability VCID-4eym-e6vt-8fbs
5
vulnerability VCID-4jck-w9ct-budk
6
vulnerability VCID-6mnf-2fcw-dqgp
7
vulnerability VCID-7m6u-k5tp-gkhy
8
vulnerability VCID-7xv1-78u7-xufp
9
vulnerability VCID-848u-w88s-5bbe
10
vulnerability VCID-8w4e-d49b-nbg8
11
vulnerability VCID-9adx-p876-kyb5
12
vulnerability VCID-am6s-67bm-77dr
13
vulnerability VCID-bbh5-rss8-bfct
14
vulnerability VCID-cvk2-93hm-gkhx
15
vulnerability VCID-e6zr-4bgg-kkh5
16
vulnerability VCID-ev4k-5k1d-2bhu
17
vulnerability VCID-fqkx-v8t5-q3h6
18
vulnerability VCID-fut7-bb1f-37g7
19
vulnerability VCID-jp1p-rfxa-hyd9
20
vulnerability VCID-k5t3-28es-h3ez
21
vulnerability VCID-khpm-e1xb-hydb
22
vulnerability VCID-n1gz-y615-cbbk
23
vulnerability VCID-nney-azbc-pucg
24
vulnerability VCID-p7gd-anw2-1qbz
25
vulnerability VCID-pmvp-twk2-jqe4
26
vulnerability VCID-qv14-m93d-jyd9
27
vulnerability VCID-rqrw-t2kj-mud8
28
vulnerability VCID-ru6w-m6q6-27gn
29
vulnerability VCID-sdsa-mh76-kqch
30
vulnerability VCID-tgyt-axv1-c7ag
31
vulnerability VCID-u259-2sxq-tbct
32
vulnerability VCID-vw2r-g8yy-eyf4
33
vulnerability VCID-x5x1-w7yv-eye9
34
vulnerability VCID-xw1s-93bu-wuh9
35
vulnerability VCID-y7ds-p5r2-yuhq
36
vulnerability VCID-zeut-9wfp-q7et
37
vulnerability VCID-zkvq-bms4-gfcv
38
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2
Affected_packages
0
url pkg:composer/typo3/cms@7.0.0
purl pkg:composer/typo3/cms@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1u4r-r97q-3yfk
1
vulnerability VCID-28fn-ncj5-2ufk
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ugj-6m1e-e3hr
4
vulnerability VCID-5ru2-1n1f-afa4
5
vulnerability VCID-66kh-c1dm-8fbf
6
vulnerability VCID-6u6t-uy5y-5fd6
7
vulnerability VCID-7n9x-c9gs-9yb3
8
vulnerability VCID-953t-q1cr-zyd6
9
vulnerability VCID-9899-uxyb-73gg
10
vulnerability VCID-abjx-8v46-d7d8
11
vulnerability VCID-ansr-8m5j-pya6
12
vulnerability VCID-c57c-akce-xufq
13
vulnerability VCID-cgqm-1wwf-kbg6
14
vulnerability VCID-dsqm-9q3e-dudw
15
vulnerability VCID-dwjk-7sqh-hqa8
16
vulnerability VCID-dyhd-5p1e-fya6
17
vulnerability VCID-e1gr-txgg-fqa6
18
vulnerability VCID-e1ms-4r4s-g7e7
19
vulnerability VCID-e2bk-pfbe-puek
20
vulnerability VCID-e82x-2cdb-7fgn
21
vulnerability VCID-ec17-eauu-67d3
22
vulnerability VCID-ev4k-5k1d-2bhu
23
vulnerability VCID-fdnw-2tz5-4fdr
24
vulnerability VCID-fqkx-v8t5-q3h6
25
vulnerability VCID-gpv4-4tpd-tbaa
26
vulnerability VCID-hp99-ncuh-6ugv
27
vulnerability VCID-hyx9-8ae6-sba8
28
vulnerability VCID-j6x1-dfre-2bdq
29
vulnerability VCID-jp1p-rfxa-hyd9
30
vulnerability VCID-jq5y-7h9g-mufa
31
vulnerability VCID-jwb1-3sbg-kfa5
32
vulnerability VCID-jx9x-wxwq-5khx
33
vulnerability VCID-n18b-qe5x-z7cj
34
vulnerability VCID-nhjv-nke2-2kf8
35
vulnerability VCID-njsj-bwjq-fyap
36
vulnerability VCID-nqqc-nkwq-rqhx
37
vulnerability VCID-p576-w7dd-p3h7
38
vulnerability VCID-p7gd-anw2-1qbz
39
vulnerability VCID-q5f3-nhjn-hyb4
40
vulnerability VCID-qcnh-z4zh-myaw
41
vulnerability VCID-qek9-g3h8-nfdz
42
vulnerability VCID-r6hu-hvdh-abb1
43
vulnerability VCID-rae3-cugy-hbh5
44
vulnerability VCID-teby-zvvw-zkhv
45
vulnerability VCID-u6h1-ccgw-jqds
46
vulnerability VCID-ub3e-hrb1-wqac
47
vulnerability VCID-uq77-aax5-k7d8
48
vulnerability VCID-vq15-t92r-5bhx
49
vulnerability VCID-w65h-8a9d-ckgj
50
vulnerability VCID-wms8-dnuz-b3hc
51
vulnerability VCID-xvyu-2hb8-8ufh
52
vulnerability VCID-xw1s-93bu-wuh9
53
vulnerability VCID-ys6f-g39p-fkfc
54
vulnerability VCID-yz6t-ge1y-qfgr
55
vulnerability VCID-zru2-9g25-77dc
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.0.0
1
url pkg:composer/typo3/cms@8.0.0
purl pkg:composer/typo3/cms@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11u3-8xzy-jfhh
1
vulnerability VCID-1ffs-9vj5-27hk
2
vulnerability VCID-28fn-ncj5-2ufk
3
vulnerability VCID-2r7u-mc45-8yhe
4
vulnerability VCID-2rhr-8vaz-hqfj
5
vulnerability VCID-2vpx-fqb6-aqfa
6
vulnerability VCID-39jx-muqb-nkfq
7
vulnerability VCID-39vn-73mc-jqav
8
vulnerability VCID-3ugj-6m1e-e3hr
9
vulnerability VCID-4eym-e6vt-8fbs
10
vulnerability VCID-4wnp-gusy-43b8
11
vulnerability VCID-5dxs-cdht-27hw
12
vulnerability VCID-5u2f-5zzf-j3e4
13
vulnerability VCID-66kh-c1dm-8fbf
14
vulnerability VCID-66ru-n2df-b3ay
15
vulnerability VCID-6su8-bbrw-hbhp
16
vulnerability VCID-727q-h3ey-6yc9
17
vulnerability VCID-7ch1-q9f4-a7bt
18
vulnerability VCID-7m6u-k5tp-gkhy
19
vulnerability VCID-848u-w88s-5bbe
20
vulnerability VCID-8p64-6zpt-t3av
21
vulnerability VCID-94r9-hh4g-jkej
22
vulnerability VCID-953t-q1cr-zyd6
23
vulnerability VCID-9726-hafj-wkay
24
vulnerability VCID-9saf-w56y-pugz
25
vulnerability VCID-9yu1-z7c2-t3fj
26
vulnerability VCID-abjx-8v46-d7d8
27
vulnerability VCID-am6s-67bm-77dr
28
vulnerability VCID-bn3p-39sv-6fdg
29
vulnerability VCID-bq2j-t19h-zyad
30
vulnerability VCID-bstt-ybrs-5ua3
31
vulnerability VCID-buj5-2t53-3kcr
32
vulnerability VCID-d6c2-upx1-e7cd
33
vulnerability VCID-dsqm-9q3e-dudw
34
vulnerability VCID-e564-zdku-9fc6
35
vulnerability VCID-emqq-kwjg-3kfk
36
vulnerability VCID-eutz-mj58-audb
37
vulnerability VCID-ev4k-5k1d-2bhu
38
vulnerability VCID-f319-jpf5-hyex
39
vulnerability VCID-fdnw-2tz5-4fdr
40
vulnerability VCID-fgqa-5fx9-nkaz
41
vulnerability VCID-fh61-7rfy-s3hg
42
vulnerability VCID-fqkc-utex-3kav
43
vulnerability VCID-fqkx-v8t5-q3h6
44
vulnerability VCID-fut7-bb1f-37g7
45
vulnerability VCID-g7mm-vjbw-bbhd
46
vulnerability VCID-gk79-jtuz-myh6
47
vulnerability VCID-gpv4-4tpd-tbaa
48
vulnerability VCID-h217-xe8x-nua3
49
vulnerability VCID-h7cg-64er-uya9
50
vulnerability VCID-h7hf-sf2q-73ay
51
vulnerability VCID-hp99-ncuh-6ugv
52
vulnerability VCID-hyx9-8ae6-sba8
53
vulnerability VCID-hzma-cduk-3uhp
54
vulnerability VCID-j8hk-bqnb-gycp
55
vulnerability VCID-j8sh-5evd-dkaz
56
vulnerability VCID-jeqr-9tfu-f7b2
57
vulnerability VCID-jf28-91be-6kbr
58
vulnerability VCID-jmea-qzsr-wkf4
59
vulnerability VCID-jn38-wfec-7bb2
60
vulnerability VCID-jp1p-rfxa-hyd9
61
vulnerability VCID-jq5y-7h9g-mufa
62
vulnerability VCID-jqe4-8hzb-mfea
63
vulnerability VCID-jwb1-3sbg-kfa5
64
vulnerability VCID-k5t3-28es-h3ez
65
vulnerability VCID-khpm-e1xb-hydb
66
vulnerability VCID-ks1q-a8x2-uqht
67
vulnerability VCID-m3nc-xbb4-yubr
68
vulnerability VCID-mctp-nf36-7qdn
69
vulnerability VCID-nhjv-nke2-2kf8
70
vulnerability VCID-njsj-bwjq-fyap
71
vulnerability VCID-nney-azbc-pucg
72
vulnerability VCID-nvbp-pbjw-3qgx
73
vulnerability VCID-p576-w7dd-p3h7
74
vulnerability VCID-p7gd-anw2-1qbz
75
vulnerability VCID-pmvp-twk2-jqe4
76
vulnerability VCID-q2ym-y2rz-1bdn
77
vulnerability VCID-q52p-xfj8-gygd
78
vulnerability VCID-q7vt-19eb-sqeq
79
vulnerability VCID-qcnh-z4zh-myaw
80
vulnerability VCID-qdxh-arxx-wbcr
81
vulnerability VCID-qxab-9uwr-yqhv
82
vulnerability VCID-rqrw-t2kj-mud8
83
vulnerability VCID-ru6w-m6q6-27gn
84
vulnerability VCID-sdjb-gp4t-vbgt
85
vulnerability VCID-sdsa-mh76-kqch
86
vulnerability VCID-sdz8-hju8-4bcb
87
vulnerability VCID-sy7r-d6pv-yba9
88
vulnerability VCID-teby-zvvw-zkhv
89
vulnerability VCID-u259-2sxq-tbct
90
vulnerability VCID-u4tq-8qnk-5fd7
91
vulnerability VCID-u5he-6tqb-gqaf
92
vulnerability VCID-u6as-cwxc-pkhk
93
vulnerability VCID-uq77-aax5-k7d8
94
vulnerability VCID-vq15-t92r-5bhx
95
vulnerability VCID-vw2r-g8yy-eyf4
96
vulnerability VCID-w483-prq4-rycx
97
vulnerability VCID-w58p-3wg1-7ycr
98
vulnerability VCID-wat8-4m83-hken
99
vulnerability VCID-wy45-2gmr-fkfg
100
vulnerability VCID-x175-xjek-97ds
101
vulnerability VCID-x5x1-w7yv-eye9
102
vulnerability VCID-xh68-defe-f7ce
103
vulnerability VCID-xpxg-qq49-b7fd
104
vulnerability VCID-xvyu-2hb8-8ufh
105
vulnerability VCID-xw1s-93bu-wuh9
106
vulnerability VCID-y7ds-p5r2-yuhq
107
vulnerability VCID-ygw4-jdqu-4fbt
108
vulnerability VCID-yh6b-tc4u-v3bk
109
vulnerability VCID-yn6z-9v7k-x7br
110
vulnerability VCID-yz6t-ge1y-qfgr
111
vulnerability VCID-zgfw-pk39-gyg8
112
vulnerability VCID-zmwv-gwq3-fkej
113
vulnerability VCID-zrz3-3dnf-tbay
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.0.0
2
url pkg:composer/typo3/cms@9.0.0
purl pkg:composer/typo3/cms@9.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11u3-8xzy-jfhh
1
vulnerability VCID-1ffs-9vj5-27hk
2
vulnerability VCID-1sfk-z8py-ykb8
3
vulnerability VCID-28fn-ncj5-2ufk
4
vulnerability VCID-2rhr-8vaz-hqfj
5
vulnerability VCID-39vn-73mc-jqav
6
vulnerability VCID-3k2k-a3gb-n3ba
7
vulnerability VCID-3ugj-6m1e-e3hr
8
vulnerability VCID-3ye6-vqje-abh4
9
vulnerability VCID-4an7-9ph4-mkd4
10
vulnerability VCID-4eym-e6vt-8fbs
11
vulnerability VCID-4jck-w9ct-budk
12
vulnerability VCID-66kh-c1dm-8fbf
13
vulnerability VCID-6mnf-2fcw-dqgp
14
vulnerability VCID-7ch1-q9f4-a7bt
15
vulnerability VCID-7m6u-k5tp-gkhy
16
vulnerability VCID-7xv1-78u7-xufp
17
vulnerability VCID-848u-w88s-5bbe
18
vulnerability VCID-8w4e-d49b-nbg8
19
vulnerability VCID-94r9-hh4g-jkej
20
vulnerability VCID-953t-q1cr-zyd6
21
vulnerability VCID-9adx-p876-kyb5
22
vulnerability VCID-9yu1-z7c2-t3fj
23
vulnerability VCID-a1g9-pyz5-9fca
24
vulnerability VCID-abjx-8v46-d7d8
25
vulnerability VCID-am6s-67bm-77dr
26
vulnerability VCID-bbh5-rss8-bfct
27
vulnerability VCID-buj5-2t53-3kcr
28
vulnerability VCID-cvk2-93hm-gkhx
29
vulnerability VCID-dsqm-9q3e-dudw
30
vulnerability VCID-e6zr-4bgg-kkh5
31
vulnerability VCID-emqq-kwjg-3kfk
32
vulnerability VCID-ev4k-5k1d-2bhu
33
vulnerability VCID-f319-jpf5-hyex
34
vulnerability VCID-f4n7-q72x-3yea
35
vulnerability VCID-fpa2-ffg1-fyaa
36
vulnerability VCID-fqkc-utex-3kav
37
vulnerability VCID-fqkx-v8t5-q3h6
38
vulnerability VCID-fut7-bb1f-37g7
39
vulnerability VCID-gpv4-4tpd-tbaa
40
vulnerability VCID-hknp-f88a-kqec
41
vulnerability VCID-hp99-ncuh-6ugv
42
vulnerability VCID-j8hk-bqnb-gycp
43
vulnerability VCID-je4q-svfw-hqda
44
vulnerability VCID-jp1p-rfxa-hyd9
45
vulnerability VCID-jq5y-7h9g-mufa
46
vulnerability VCID-jwb1-3sbg-kfa5
47
vulnerability VCID-k5t3-28es-h3ez
48
vulnerability VCID-khpm-e1xb-hydb
49
vulnerability VCID-n1gz-y615-cbbk
50
vulnerability VCID-njsj-bwjq-fyap
51
vulnerability VCID-nney-azbc-pucg
52
vulnerability VCID-p576-w7dd-p3h7
53
vulnerability VCID-p7gd-anw2-1qbz
54
vulnerability VCID-pmvp-twk2-jqe4
55
vulnerability VCID-q2t1-kx56-s3c3
56
vulnerability VCID-q7vt-19eb-sqeq
57
vulnerability VCID-qcnh-z4zh-myaw
58
vulnerability VCID-qdxh-arxx-wbcr
59
vulnerability VCID-qv14-m93d-jyd9
60
vulnerability VCID-qxab-9uwr-yqhv
61
vulnerability VCID-rqrw-t2kj-mud8
62
vulnerability VCID-ru6w-m6q6-27gn
63
vulnerability VCID-sdjb-gp4t-vbgt
64
vulnerability VCID-sdsa-mh76-kqch
65
vulnerability VCID-teby-zvvw-zkhv
66
vulnerability VCID-tgyt-axv1-c7ag
67
vulnerability VCID-u259-2sxq-tbct
68
vulnerability VCID-u6as-cwxc-pkhk
69
vulnerability VCID-uq77-aax5-k7d8
70
vulnerability VCID-vq15-t92r-5bhx
71
vulnerability VCID-vw2r-g8yy-eyf4
72
vulnerability VCID-w1wb-mq2y-dfca
73
vulnerability VCID-w7z1-aw31-vugx
74
vulnerability VCID-wat8-4m83-hken
75
vulnerability VCID-x5x1-w7yv-eye9
76
vulnerability VCID-xvyu-2hb8-8ufh
77
vulnerability VCID-xw1s-93bu-wuh9
78
vulnerability VCID-y7ds-p5r2-yuhq
79
vulnerability VCID-yh6b-tc4u-v3bk
80
vulnerability VCID-yz6t-ge1y-qfgr
81
vulnerability VCID-zeut-9wfp-q7et
82
vulnerability VCID-zgfw-pk39-gyg8
83
vulnerability VCID-zkvq-bms4-gfcv
84
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.0.0
References
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-12-11-3.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-12-11-3.yaml
1
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
2
reference_url https://github.com/TYPO3/typo3/commit/1c85fe70269e2ff8ecf0b6d5f16550c6cd0ddc78
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/1c85fe70269e2ff8ecf0b6d5f16550c6cd0ddc78
3
reference_url https://github.com/TYPO3/typo3/commit/373bec5d7d415f0764ebbadc7970610dc26da068
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/373bec5d7d415f0764ebbadc7970610dc26da068
4
reference_url https://github.com/TYPO3/typo3/commit/e4143195e1451630f058a58ab62d92135948a927
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/e4143195e1451630f058a58ab62d92135948a927
5
reference_url https://typo3.org/security/advisory/typo3-core-sa-2018-008
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2018-008
6
reference_url https://github.com/advisories/GHSA-2rcw-9hrm-8q7q
reference_id GHSA-2rcw-9hrm-8q7q
reference_type
scores
url https://github.com/advisories/GHSA-2rcw-9hrm-8q7q
Weaknesses
0
cwe_id 79
name Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-gpv4-4tpd-tbaa