VulnerableCode Package Details - pkg:composer/forkcms/forkcms@5.8.3

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:composer/forkcms/forkcms@5.8.3

Essentials
History (15)

purl	pkg:composer/forkcms/forkcms@5.8.3

Next non-vulnerable version	5.11.1
Latest non-vulnerable version	5.11.1
Risk

Vulnerabilities affecting this package (8)

Vulnerability	Summary	Fixed by
VCID-6bst-csr9-nqc5 Aliases: CVE-2022-0153 GHSA-q863-cchm-c6c6	SQL Injection in Fork CMS	5.11.1 Affected by 0 other vulnerabilities.
VCID-9s32-dkgr-tyb4 Aliases: CVE-2022-35590 GHSA-pw4j-r69m-rrr5	ForkCMS XSS via `end_date` parameter	5.11.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-a5ur-bdkw-v7cp Aliases: CVE-2022-0145 GHSA-qf2g-q4mc-w7rr	Cross-site Scripting in Fork CMS	5.11.1 Affected by 0 other vulnerabilities.
VCID-a85x-t9uk-2kg8 Aliases: CVE-2022-35585 GHSA-9hmc-87h4-w869	ForkCMS stored XSS via `start_date` parameter	5.11.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-e6wj-8fte-hqds Aliases: CVE-2022-35587 GHSA-65wf-qm95-6mhm	ForkCMS XSS via `publish_on_date` parameter	5.11.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-fcqm-mep8-vqdr Aliases: CVE-2021-28931 GHSA-748f-wv76-x9hg		5.9.3 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-h6yg-1d43-yycc Aliases: CVE-2022-1064 GHSA-rr8m-29g8-8cgc	SQL Injection in Fork CMS	5.11.1 Affected by 0 other vulnerabilities.
VCID-vrms-fwp5-w3e9 Aliases: CVE-2022-35589 GHSA-q4qv-3x58-rxmh	ForkCMS XSS via `publish_on_time` parameter	5.11.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (3)

Vulnerability	Summary	Aliases
VCID-3hj7-ythr-yuam		CVE-2020-23960 GHSA-pvgf-mrr4-cw7r
VCID-8xyp-phxj-87eq	Cross-site scripting in forkcms	CVE-2020-23263 GHSA-vp4x-94ff-2cmv
VCID-pzmp-qkwq-kbad		CVE-2020-13633 GHSA-74gc-hf33-5353

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T18:29:42.499359+00:00	GitLab Importer	Affected by	VCID-e6wj-8fte-hqds	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-35587.yml	38.6.0
2026-06-12T18:29:42.026787+00:00	GitLab Importer	Affected by	VCID-vrms-fwp5-w3e9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-35589.yml	38.6.0
2026-06-12T18:29:41.549580+00:00	GitLab Importer	Affected by	VCID-a85x-t9uk-2kg8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-35585.yml	38.6.0
2026-06-12T18:29:41.049707+00:00	GitLab Importer	Affected by	VCID-9s32-dkgr-tyb4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-35590.yml	38.6.0
2026-06-12T18:16:54.706299+00:00	GitLab Importer	Fixing	VCID-pzmp-qkwq-kbad	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2020-13633.yml	38.6.0
2026-06-12T18:03:24.156475+00:00	GitLab Importer	Affected by	VCID-h6yg-1d43-yycc	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-1064.yml	38.6.0
2026-06-12T18:03:20.407905+00:00	GitLab Importer	Affected by	VCID-a5ur-bdkw-v7cp	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-0145.yml	38.6.0
2026-06-12T18:03:18.535557+00:00	GitLab Importer	Affected by	VCID-6bst-csr9-nqc5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-0153.yml	38.6.0
2026-06-12T17:47:51.073103+00:00	GitLab Importer	Affected by	VCID-fcqm-mep8-vqdr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2021-28931.yml	38.6.0
2026-06-12T17:38:43.489952+00:00	GitLab Importer	Fixing	VCID-3hj7-ythr-yuam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2020-23960.yml	38.6.0
2026-06-12T15:43:29.057949+00:00	GitLab Importer	Fixing	VCID-8xyp-phxj-87eq	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2020-23263.yml	38.6.0
2026-06-12T08:21:05.620482+00:00	GithubOSV Importer	Fixing	VCID-pzmp-qkwq-kbad	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-74gc-hf33-5353/GHSA-74gc-hf33-5353.json	38.6.0
2026-06-12T08:15:45.066641+00:00	GithubOSV Importer	Fixing	VCID-8xyp-phxj-87eq	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-vp4x-94ff-2cmv/GHSA-vp4x-94ff-2cmv.json	38.6.0
2026-06-12T08:06:43.877144+00:00	GithubOSV Importer	Fixing	VCID-3hj7-ythr-yuam	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/05/GHSA-pvgf-mrr4-cw7r/GHSA-pvgf-mrr4-cw7r.json	38.6.0
2026-06-11T20:28:11.333059+00:00	GHSA Importer	Fixing	VCID-8xyp-phxj-87eq	https://github.com/advisories/GHSA-vp4x-94ff-2cmv	38.6.0