Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-jtcp-dw8k-pfbz
Summary
Drupal Open Redirect
Open redirect vulnerability in the Form API in Drupal 7.x before 7.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted parameters in a destination URL.
Aliases
0
alias CVE-2012-1589
1
alias GHSA-wwrm-8947-4m6c
Fixed_packages
Affected_packages
0
url pkg:composer/drupal/drupal@7.0.0
purl pkg:composer/drupal/drupal@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-3hf4-tvxn-zyh4
3
vulnerability VCID-48ut-ykkc-83fx
4
vulnerability VCID-53h1-sj47-gugn
5
vulnerability VCID-5618-53yg-8qh4
6
vulnerability VCID-565p-mgqe-gkfc
7
vulnerability VCID-6ck5-9e5b-w3ay
8
vulnerability VCID-6m8x-cfzp-tkf4
9
vulnerability VCID-8nda-kjr2-ufd4
10
vulnerability VCID-9j42-9tx5-yfbq
11
vulnerability VCID-9wt5-xe6d-n3cb
12
vulnerability VCID-bk92-66re-dkc5
13
vulnerability VCID-btgv-ef3h-83d3
14
vulnerability VCID-cucx-jfqf-pkd1
15
vulnerability VCID-cvxp-ctj9-guej
16
vulnerability VCID-djgn-ezxp-37eu
17
vulnerability VCID-en3b-g3f3-a3e3
18
vulnerability VCID-er79-qj6u-sbgr
19
vulnerability VCID-g1rp-twzp-63e1
20
vulnerability VCID-ga35-289v-vqhr
21
vulnerability VCID-gbz5-5frj-hber
22
vulnerability VCID-gypk-ukbc-7qe3
23
vulnerability VCID-gzcu-sbks-wyfa
24
vulnerability VCID-jfq8-xxwa-mkd1
25
vulnerability VCID-jnu7-1j9c-dqck
26
vulnerability VCID-jtcp-dw8k-pfbz
27
vulnerability VCID-k1gx-nznx-7qd6
28
vulnerability VCID-kc7d-5k6x-77bp
29
vulnerability VCID-mhk6-9qdy-83f3
30
vulnerability VCID-mt37-qzh7-gyfv
31
vulnerability VCID-nd8n-5dsu-2fbp
32
vulnerability VCID-rdgr-yuu7-xkey
33
vulnerability VCID-rhj7-dy7q-jkhw
34
vulnerability VCID-s8u8-xbdk-87dj
35
vulnerability VCID-s9kv-9qfu-gbdq
36
vulnerability VCID-sbmj-9trz-2ybf
37
vulnerability VCID-ssyn-dxp9-3kdq
38
vulnerability VCID-u5wt-ndvn-3ffg
39
vulnerability VCID-utyg-huhu-2ucq
40
vulnerability VCID-v9v6-ae3e-g3hk
41
vulnerability VCID-vura-3gnb-rybs
42
vulnerability VCID-wbvy-zrtk-audw
43
vulnerability VCID-we42-mkyk-hfer
44
vulnerability VCID-wwvq-399y-rfhc
45
vulnerability VCID-yare-57j9-j7cs
46
vulnerability VCID-yrzt-3m97-53ce
47
vulnerability VCID-z5ba-3etw-eqb4
48
vulnerability VCID-zw3u-6ue7-efdf
49
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@7.0.0
References
0
reference_url http://drupal.org/node/1557938
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://drupal.org/node/1557938
1
reference_url http://jvndb.jvn.jp/jvndb/JVNDB-2012-000045
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://jvndb.jvn.jp/jvndb/JVNDB-2012-000045
2
reference_url http://jvn.jp/en/jp/JVN45898075/index.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://jvn.jp/en/jp/JVN45898075/index.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1589
reference_id
reference_type
scores
0
value 0.00363
scoring_system epss
scoring_elements 0.58312
published_at 2026-04-01T12:55:00Z
1
value 0.00363
scoring_system epss
scoring_elements 0.58397
published_at 2026-04-02T12:55:00Z
2
value 0.00363
scoring_system epss
scoring_elements 0.58447
published_at 2026-04-12T12:55:00Z
3
value 0.00363
scoring_system epss
scoring_elements 0.58417
published_at 2026-04-04T12:55:00Z
4
value 0.00363
scoring_system epss
scoring_elements 0.58391
published_at 2026-04-07T12:55:00Z
5
value 0.00363
scoring_system epss
scoring_elements 0.58444
published_at 2026-04-08T12:55:00Z
6
value 0.00363
scoring_system epss
scoring_elements 0.58467
published_at 2026-04-11T12:55:00Z
7
value 0.00363
scoring_system epss
scoring_elements 0.5845
published_at 2026-04-09T12:55:00Z
8
value 0.00363
scoring_system epss
scoring_elements 0.5846
published_at 2026-04-16T12:55:00Z
9
value 0.00363
scoring_system epss
scoring_elements 0.58428
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1589
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-1589
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-1589
5
reference_url https://web.archive.org/web/20120507035905/http://www.securityfocus.com/bid/53365
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120507035905/http://www.securityfocus.com/bid/53365
6
reference_url https://web.archive.org/web/20150523060428/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2013:074/?name=MDVSA-2013:074
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150523060428/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2013:074/?name=MDVSA-2013:074
7
reference_url https://github.com/advisories/GHSA-wwrm-8947-4m6c
reference_id GHSA-wwrm-8947-4m6c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wwrm-8947-4m6c
Weaknesses
0
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
1
cwe_id 601
name URL Redirection to Untrusted Site ('Open Redirect')
description A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
3
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-jtcp-dw8k-pfbz