Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-r6fw-42tv-vueu
Summary
Apache Solr Cross-site scripting Vulnerability
Cross-site scripting (XSS) vulnerability in `webapp/web/js/scripts/schema-browser.js` in the Admin UI in Apache Solr before 5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted schema-browse URL.
Aliases
0
alias CVE-2015-8796
1
alias GHSA-4fxw-g29w-r8mx
Fixed_packages
0
url pkg:deb/debian/lucene-solr@0?distro=trixie
purl pkg:deb/debian/lucene-solr@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@0%3Fdistro=trixie
1
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-24?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-24?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-24%3Fdistro=trixie
2
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-26?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-26?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-26%3Fdistro=trixie
3
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-27?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-27?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-27%3Fdistro=trixie
Affected_packages
0
url pkg:maven/org.apache.solr/solr@3.1.0
purl pkg:maven/org.apache.solr/solr@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@3.1.0
1
url pkg:maven/org.apache.solr/solr@3.2.0
purl pkg:maven/org.apache.solr/solr@3.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@3.2.0
2
url pkg:maven/org.apache.solr/solr@3.3.0
purl pkg:maven/org.apache.solr/solr@3.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@3.3.0
3
url pkg:maven/org.apache.solr/solr@3.4.0
purl pkg:maven/org.apache.solr/solr@3.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@3.4.0
4
url pkg:maven/org.apache.solr/solr@3.5.0
purl pkg:maven/org.apache.solr/solr@3.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@3.5.0
5
url pkg:maven/org.apache.solr/solr@3.6.0
purl pkg:maven/org.apache.solr/solr@3.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@3.6.0
6
url pkg:maven/org.apache.solr/solr@3.6.1
purl pkg:maven/org.apache.solr/solr@3.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@3.6.1
7
url pkg:maven/org.apache.solr/solr@3.6.2
purl pkg:maven/org.apache.solr/solr@3.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@3.6.2
8
url pkg:maven/org.apache.solr/solr@4.0.0-ALPHA
purl pkg:maven/org.apache.solr/solr@4.0.0-ALPHA
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.0.0-ALPHA
9
url pkg:maven/org.apache.solr/solr@4.0.0-BETA
purl pkg:maven/org.apache.solr/solr@4.0.0-BETA
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.0.0-BETA
10
url pkg:maven/org.apache.solr/solr@4.0.0
purl pkg:maven/org.apache.solr/solr@4.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.0.0
11
url pkg:maven/org.apache.solr/solr@4.1.0
purl pkg:maven/org.apache.solr/solr@4.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.1.0
12
url pkg:maven/org.apache.solr/solr@4.2.0
purl pkg:maven/org.apache.solr/solr@4.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.2.0
13
url pkg:maven/org.apache.solr/solr@4.2.1
purl pkg:maven/org.apache.solr/solr@4.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.2.1
14
url pkg:maven/org.apache.solr/solr@4.3.0
purl pkg:maven/org.apache.solr/solr@4.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.3.0
15
url pkg:maven/org.apache.solr/solr@4.3.1
purl pkg:maven/org.apache.solr/solr@4.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.3.1
16
url pkg:maven/org.apache.solr/solr@4.4.0
purl pkg:maven/org.apache.solr/solr@4.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.4.0
17
url pkg:maven/org.apache.solr/solr@4.5.0
purl pkg:maven/org.apache.solr/solr@4.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.5.0
18
url pkg:maven/org.apache.solr/solr@4.5.1
purl pkg:maven/org.apache.solr/solr@4.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.5.1
19
url pkg:maven/org.apache.solr/solr@4.6.0
purl pkg:maven/org.apache.solr/solr@4.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.6.0
20
url pkg:maven/org.apache.solr/solr@4.6.1
purl pkg:maven/org.apache.solr/solr@4.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.6.1
21
url pkg:maven/org.apache.solr/solr@4.7.0
purl pkg:maven/org.apache.solr/solr@4.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.7.0
22
url pkg:maven/org.apache.solr/solr@4.7.1
purl pkg:maven/org.apache.solr/solr@4.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.7.1
23
url pkg:maven/org.apache.solr/solr@4.7.2
purl pkg:maven/org.apache.solr/solr@4.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.7.2
24
url pkg:maven/org.apache.solr/solr@4.8.0
purl pkg:maven/org.apache.solr/solr@4.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.8.0
25
url pkg:maven/org.apache.solr/solr@4.8.1
purl pkg:maven/org.apache.solr/solr@4.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.8.1
26
url pkg:maven/org.apache.solr/solr@4.9.0
purl pkg:maven/org.apache.solr/solr@4.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.9.0
27
url pkg:maven/org.apache.solr/solr@4.9.1
purl pkg:maven/org.apache.solr/solr@4.9.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.9.1
28
url pkg:maven/org.apache.solr/solr@4.10.0
purl pkg:maven/org.apache.solr/solr@4.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.10.0
29
url pkg:maven/org.apache.solr/solr@4.10.1
purl pkg:maven/org.apache.solr/solr@4.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.10.1
30
url pkg:maven/org.apache.solr/solr@4.10.2
purl pkg:maven/org.apache.solr/solr@4.10.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-49bu-dy1u-2fb9
1
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.10.2
31
url pkg:maven/org.apache.solr/solr@4.10.3
purl pkg:maven/org.apache.solr/solr@4.10.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.10.3
32
url pkg:maven/org.apache.solr/solr@4.10.4
purl pkg:maven/org.apache.solr/solr@4.10.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r6fw-42tv-vueu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr@4.10.4
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8796
reference_id
reference_type
scores
0
value 0.02552
scoring_system epss
scoring_elements 0.85454
published_at 2026-04-04T12:55:00Z
1
value 0.02552
scoring_system epss
scoring_elements 0.85542
published_at 2026-04-24T12:55:00Z
2
value 0.02552
scoring_system epss
scoring_elements 0.8552
published_at 2026-04-21T12:55:00Z
3
value 0.02552
scoring_system epss
scoring_elements 0.85422
published_at 2026-04-01T12:55:00Z
4
value 0.02552
scoring_system epss
scoring_elements 0.85478
published_at 2026-04-08T12:55:00Z
5
value 0.02552
scoring_system epss
scoring_elements 0.85457
published_at 2026-04-07T12:55:00Z
6
value 0.02552
scoring_system epss
scoring_elements 0.85434
published_at 2026-04-02T12:55:00Z
7
value 0.02552
scoring_system epss
scoring_elements 0.85523
published_at 2026-04-18T12:55:00Z
8
value 0.02552
scoring_system epss
scoring_elements 0.85519
published_at 2026-04-16T12:55:00Z
9
value 0.02552
scoring_system epss
scoring_elements 0.85495
published_at 2026-04-13T12:55:00Z
10
value 0.02552
scoring_system epss
scoring_elements 0.85499
published_at 2026-04-12T12:55:00Z
11
value 0.02552
scoring_system epss
scoring_elements 0.855
published_at 2026-04-11T12:55:00Z
12
value 0.02552
scoring_system epss
scoring_elements 0.85486
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8796
1
reference_url https://github.com/apache/lucene/commit/dc2f2295e0a6c6574f033f295dc0c9adb7660df9
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene/commit/dc2f2295e0a6c6574f033f295dc0c9adb7660df9
2
reference_url https://github.com/apache/solr
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/solr
3
reference_url https://github.com/apache/solr/commit/dc2f2295e0a6c6574f033f295dc0c9adb7660df9
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/solr/commit/dc2f2295e0a6c6574f033f295dc0c9adb7660df9
4
reference_url https://issues.apache.org/jira/browse/SOLR-7920
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-7920
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-8796
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-8796
6
reference_url https://web.archive.org/web/20200227160406/http://www.securityfocus.com/bid/85205
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227160406/http://www.securityfocus.com/bid/85205
7
reference_url http://www.securityfocus.com/bid/85205
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/85205
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
9
reference_url https://github.com/advisories/GHSA-4fxw-g29w-r8mx
reference_id GHSA-4fxw-g29w-r8mx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4fxw-g29w-r8mx
Weaknesses
0
cwe_id 79
name Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
1
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-r6fw-42tv-vueu