{"url":"http://public2.vulnerablecode.io/api/packages/25752?format=json","purl":"pkg:composer/microweber/microweber@1.3.1","type":"composer","namespace":"microweber","name":"microweber","version":"1.3.1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.0.20","latest_non_vulnerable_version":"2.0.20","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/144713?format=json","vulnerability_id":"VCID-1x1c-v7jt-y7bu","summary":"Command Injection in GitHub repository microweber/microweber prior to 1.3.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1877","reference_id":"","reference_type":"","scores":[{"value":"0.04671","scoring_system":"epss","scoring_elements":"0.89565","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1877"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1877","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1877"},{"reference_url":"https://huntr.dev/bounties/71fe4b3b-20ac-448c-8191-7b99d7ffaf55","reference_id":"71fe4b3b-20ac-448c-8191-7b99d7ffaf55","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-10T20:41:00Z/"}],"url":"https://huntr.dev/bounties/71fe4b3b-20ac-448c-8191-7b99d7ffaf55"},{"reference_url":"https://github.com/microweber/microweber/commit/93a906d0bf096c3ab1674012a90c88d101e76c8d","reference_id":"93a906d0bf096c3ab1674012a90c88d101e76c8d","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-10T20:41:00Z/"}],"url":"https://github.com/microweber/microweber/commit/93a906d0bf096c3ab1674012a90c88d101e76c8d"},{"reference_url":"https://github.com/advisories/GHSA-582p-2fpg-x226","reference_id":"GHSA-582p-2fpg-x226","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-582p-2fpg-x226"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379449?format=json","purl":"pkg:composer/microweber/microweber@1.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3c4d-srts-wkhv"},{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-7fc3-kraq-7bhq"},{"vulnerability":"VCID-8srk-qrj6-3feu"},{"vulnerability":"VCID-8wsk-k3ut-que3"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-fchn-5chy-33ae"},{"vulnerability":"VCID-fh5p-eqra-3ufw"},{"vulnerability":"VCID-n3ea-26qj-wyaz"},{"vulnerability":"VCID-n65t-47bf-fuhr"},{"vulnerability":"VCID-n9zs-555r-yfc1"},{"vulnerability":"VCID-psr3-qnds-p7c5"},{"vulnerability":"VCID-qjsz-wk6u-wbgf"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-sh4y-qxjm-7bgk"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-ukha-ad37-s7ad"},{"vulnerability":"VCID-usjz-km5k-2yfd"},{"vulnerability":"VCID-veps-r1j6-6kd2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.3"}],"aliases":["CVE-2023-1877","GHSA-582p-2fpg-x226"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1x1c-v7jt-y7bu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/150871?format=json","vulnerability_id":"VCID-3c4d-srts-wkhv","summary":"Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository microweber/microweber prior to 1.3.4.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2239","reference_id":"","reference_type":"","scores":[{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50921","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2239"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2239","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2239"},{"reference_url":"https://github.com/microweber/microweber/commit/b0644cb3411b36b6ccc2ff7cdf7af3fa49525baa","reference_id":"b0644cb3411b36b6ccc2ff7cdf7af3fa49525baa","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T19:35:13Z/"}],"url":"https://github.com/microweber/microweber/commit/b0644cb3411b36b6ccc2ff7cdf7af3fa49525baa"},{"reference_url":"https://huntr.dev/bounties/edeff16b-fc71-4e26-8d2d-dfe7bb5e7868","reference_id":"edeff16b-fc71-4e26-8d2d-dfe7bb5e7868","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T19:35:13Z/"}],"url":"https://huntr.dev/bounties/edeff16b-fc71-4e26-8d2d-dfe7bb5e7868"},{"reference_url":"https://github.com/advisories/GHSA-h83h-77x2-6w6g","reference_id":"GHSA-h83h-77x2-6w6g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h83h-77x2-6w6g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379351?format=json","purl":"pkg:composer/microweber/microweber@1.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-7fc3-kraq-7bhq"},{"vulnerability":"VCID-8srk-qrj6-3feu"},{"vulnerability":"VCID-8wsk-k3ut-que3"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-fchn-5chy-33ae"},{"vulnerability":"VCID-fh5p-eqra-3ufw"},{"vulnerability":"VCID-n3ea-26qj-wyaz"},{"vulnerability":"VCID-n65t-47bf-fuhr"},{"vulnerability":"VCID-psr3-qnds-p7c5"},{"vulnerability":"VCID-qjsz-wk6u-wbgf"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-sh4y-qxjm-7bgk"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-ukha-ad37-s7ad"},{"vulnerability":"VCID-usjz-km5k-2yfd"},{"vulnerability":"VCID-veps-r1j6-6kd2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.4"}],"aliases":["CVE-2023-2239","GHSA-h83h-77x2-6w6g"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3c4d-srts-wkhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/126695?format=json","vulnerability_id":"VCID-3t19-bmzs-9ybe","summary":"A vulnerability was found in Microweber 2.0.19. It has been rated as problematic. This issue affects some unknown processing of the file userfiles/modules/settings/group/website_group/index.php of the component Settings Handler. The manipulation of the argument group leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2214","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32295","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2214"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-2214","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-2214"},{"reference_url":"https://vuldb.com/?ctiid.299285","reference_id":"?ctiid.299285","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:P/A:N"},{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T13:37:00Z/"}],"url":"https://vuldb.com/?ctiid.299285"},{"reference_url":"https://github.com/advisories/GHSA-hcgh-r5gq-6qc2","reference_id":"GHSA-hcgh-r5gq-6qc2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-hcgh-r5gq-6qc2"},{"reference_url":"https://vuldb.com/?id.299285","reference_id":"?id.299285","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:P/A:N"},{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T13:37:00Z/"}],"url":"https://vuldb.com/?id.299285"},{"reference_url":"https://github.com/Fewword/Poc/blob/main/microweber/mwb-poc1.md","reference_id":"mwb-poc1.md","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:P/A:N"},{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T13:37:00Z/"}],"url":"https://github.com/Fewword/Poc/blob/main/microweber/mwb-poc1.md"},{"reference_url":"https://vuldb.com/?submit.512032","reference_id":"?submit.512032","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:P/A:N"},{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T13:37:00Z/"}],"url":"https://vuldb.com/?submit.512032"}],"fixed_packages":[],"aliases":["CVE-2025-2214","GHSA-hcgh-r5gq-6qc2"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3t19-bmzs-9ybe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57517?format=json","vulnerability_id":"VCID-76at-yua8-pfds","summary":"microweber 2.0.16 was discovered to contain a Cross Site Scripting (XSS) vulnerability via userfiles\\modules\\tags\\add_tagging_tagged.php.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-41380","reference_id":"","reference_type":"","scores":[{"value":"0.01293","scoring_system":"epss","scoring_elements":"0.80095","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-41380"},{"reference_url":"https://github.com/microweber/microweber/issues/1111","reference_id":"1111","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T18:44:06Z/"}],"url":"https://github.com/microweber/microweber/issues/1111"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-41380","reference_id":"CVE-2024-41380","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-41380"},{"reference_url":"https://github.com/advisories/GHSA-hf66-xfgj-42g8","reference_id":"GHSA-hf66-xfgj-42g8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hf66-xfgj-42g8"}],"fixed_packages":[],"aliases":["CVE-2024-41380","GHSA-hf66-xfgj-42g8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-76at-yua8-pfds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/358449?format=json","vulnerability_id":"VCID-7fc3-kraq-7bhq","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6599","reference_id":"","reference_type":"","scores":[{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57789","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6599"},{"reference_url":"https://github.com/microweber/microweber/commit/f7eb9e1c6e801346f07f3b0164a01ac5f2ca5cfd","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/f7eb9e1c6e801346f07f3b0164a01ac5f2ca5cfd"},{"reference_url":"https://huntr.com/bounties/6198785c-bf60-422e-9b80-68a6e658a10e","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.com/bounties/6198785c-bf60-422e-9b80-68a6e658a10e"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6599","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6599"},{"reference_url":"https://github.com/advisories/GHSA-9r6p-hg4g-5gxp","reference_id":"GHSA-9r6p-hg4g-5gxp","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9r6p-hg4g-5gxp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379184?format=json","purl":"pkg:composer/microweber/microweber@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-9777-zmsz-9ubz"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-fchn-5chy-33ae"},{"vulnerability":"VCID-fh5p-eqra-3ufw"},{"vulnerability":"VCID-n3ea-26qj-wyaz"},{"vulnerability":"VCID-qjsz-wk6u-wbgf"},{"vulnerability":"VCID-qtms-2pgf-w3b1"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-sh4y-qxjm-7bgk"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-uuhx-pt43-bbga"},{"vulnerability":"VCID-z67f-hdn3-83b7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.0"}],"aliases":["CVE-2023-6599","GHSA-9r6p-hg4g-5gxp"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7fc3-kraq-7bhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/358436?format=json","vulnerability_id":"VCID-8srk-qrj6-3feu","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6566","reference_id":"","reference_type":"","scores":[{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32095","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6566"},{"reference_url":"https://github.com/microweber/microweber/commit/eee0c6771e152022a91089a547272c8a542bb74e","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/eee0c6771e152022a91089a547272c8a542bb74e"},{"reference_url":"https://huntr.com/bounties/cf4b68b5-8d97-4d05-9cde-e76b1a414fd6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.com/bounties/cf4b68b5-8d97-4d05-9cde-e76b1a414fd6"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6566","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6566"},{"reference_url":"https://github.com/advisories/GHSA-3rpx-pgmf-j96h","reference_id":"GHSA-3rpx-pgmf-j96h","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3rpx-pgmf-j96h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379184?format=json","purl":"pkg:composer/microweber/microweber@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-9777-zmsz-9ubz"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-fchn-5chy-33ae"},{"vulnerability":"VCID-fh5p-eqra-3ufw"},{"vulnerability":"VCID-n3ea-26qj-wyaz"},{"vulnerability":"VCID-qjsz-wk6u-wbgf"},{"vulnerability":"VCID-qtms-2pgf-w3b1"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-sh4y-qxjm-7bgk"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-uuhx-pt43-bbga"},{"vulnerability":"VCID-z67f-hdn3-83b7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.0"}],"aliases":["CVE-2023-6566","GHSA-3rpx-pgmf-j96h"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8srk-qrj6-3feu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/151470?format=json","vulnerability_id":"VCID-8wsk-k3ut-que3","summary":"Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3142","reference_id":"","reference_type":"","scores":[{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56325","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3142"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3142","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3142"},{"reference_url":"https://github.com/microweber/microweber/commit/42efa981a2239d042d910069952d6276497bdcf1","reference_id":"42efa981a2239d042d910069952d6276497bdcf1","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-06T21:09:56Z/"}],"url":"https://github.com/microweber/microweber/commit/42efa981a2239d042d910069952d6276497bdcf1"},{"reference_url":"https://huntr.dev/bounties/d00686b0-f89a-4e14-98d7-b8dd3f92a6e5","reference_id":"d00686b0-f89a-4e14-98d7-b8dd3f92a6e5","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-06T21:09:56Z/"}],"url":"https://huntr.dev/bounties/d00686b0-f89a-4e14-98d7-b8dd3f92a6e5"},{"reference_url":"https://github.com/advisories/GHSA-fqcv-rfp6-wv92","reference_id":"GHSA-fqcv-rfp6-wv92","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fqcv-rfp6-wv92"}],"fixed_packages":[],"aliases":["CVE-2023-3142","GHSA-fqcv-rfp6-wv92"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8wsk-k3ut-que3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57364?format=json","vulnerability_id":"VCID-deq4-1rsn-97fb","summary":"microweber 2.0.16 was discovered to contain a Cross Site Scripting (XSS) vulnerability via userfiles\\modules\\settings\\admin.php.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-41381","reference_id":"","reference_type":"","scores":[{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.79239","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-41381"},{"reference_url":"https://github.com/microweber/microweber/issues/1110","reference_id":"1110","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T19:07:48Z/"}],"url":"https://github.com/microweber/microweber/issues/1110"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-41381","reference_id":"CVE-2024-41381","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-41381"},{"reference_url":"https://github.com/advisories/GHSA-h4xf-wx99-jmv4","reference_id":"GHSA-h4xf-wx99-jmv4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h4xf-wx99-jmv4"}],"fixed_packages":[],"aliases":["CVE-2024-41381","GHSA-h4xf-wx99-jmv4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-deq4-1rsn-97fb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53350?format=json","vulnerability_id":"VCID-fchn-5chy-33ae","summary":"Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the campaign Name (Internal Name) field in the Add new campaign function","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33297","reference_id":"","reference_type":"","scores":[{"value":"0.01414","scoring_system":"epss","scoring_elements":"0.80967","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33297"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33297","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33297"},{"reference_url":"https://github.com/MathSabo/CVE-2024-33297","reference_id":"CVE-2024-33297","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-14T15:56:41Z/"}],"url":"https://github.com/MathSabo/CVE-2024-33297"},{"reference_url":"https://github.com/advisories/GHSA-j4v9-cm37-h7c2","reference_id":"GHSA-j4v9-cm37-h7c2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-j4v9-cm37-h7c2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/733029?format=json","purl":"pkg:composer/microweber/microweber@2.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-9777-zmsz-9ubz"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-qtms-2pgf-w3b1"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-uuhx-pt43-bbga"},{"vulnerability":"VCID-z67f-hdn3-83b7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.10"}],"aliases":["CVE-2024-33297","GHSA-j4v9-cm37-h7c2"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fchn-5chy-33ae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53822?format=json","vulnerability_id":"VCID-fh5p-eqra-3ufw","summary":"Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the First Name and Last Name parameters in the endpoint /admin/module/view?type=users","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33299","reference_id":"","reference_type":"","scores":[{"value":"0.01553","scoring_system":"epss","scoring_elements":"0.81842","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33299"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33299","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33299"},{"reference_url":"https://github.com/MathSabo/CVE-2024-33299","reference_id":"CVE-2024-33299","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-14T16:06:00Z/"}],"url":"https://github.com/MathSabo/CVE-2024-33299"},{"reference_url":"https://github.com/advisories/GHSA-97h9-p9f8-4p3r","reference_id":"GHSA-97h9-p9f8-4p3r","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-97h9-p9f8-4p3r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/733029?format=json","purl":"pkg:composer/microweber/microweber@2.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-9777-zmsz-9ubz"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-qtms-2pgf-w3b1"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-uuhx-pt43-bbga"},{"vulnerability":"VCID-z67f-hdn3-83b7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.10"}],"aliases":["CVE-2024-33299","GHSA-97h9-p9f8-4p3r"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fh5p-eqra-3ufw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/168987?format=json","vulnerability_id":"VCID-ggfa-2qy1-m7f7","summary":"Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.3.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4732","reference_id":"","reference_type":"","scores":[{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.79009","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4732"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4732","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4732"},{"reference_url":"https://github.com/microweber/microweber/commit/0d279ac81052ce7ee97c18c811a9b8e912189da0","reference_id":"0d279ac81052ce7ee97c18c811a9b8e912189da0","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T17:09:36Z/"}],"url":"https://github.com/microweber/microweber/commit/0d279ac81052ce7ee97c18c811a9b8e912189da0"},{"reference_url":"https://huntr.dev/bounties/d5be2e96-1f2f-4357-a385-e184cf0119aa","reference_id":"d5be2e96-1f2f-4357-a385-e184cf0119aa","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T17:09:36Z/"}],"url":"https://huntr.dev/bounties/d5be2e96-1f2f-4357-a385-e184cf0119aa"},{"reference_url":"https://github.com/advisories/GHSA-8h43-xg5g-9cj7","reference_id":"GHSA-8h43-xg5g-9cj7","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8h43-xg5g-9cj7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/26892?format=json","purl":"pkg:composer/microweber/microweber@1.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1x1c-v7jt-y7bu"},{"vulnerability":"VCID-3c4d-srts-wkhv"},{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-7fc3-kraq-7bhq"},{"vulnerability":"VCID-8srk-qrj6-3feu"},{"vulnerability":"VCID-8wsk-k3ut-que3"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-fchn-5chy-33ae"},{"vulnerability":"VCID-fh5p-eqra-3ufw"},{"vulnerability":"VCID-kvhh-zc21-guhe"},{"vulnerability":"VCID-n3ea-26qj-wyaz"},{"vulnerability":"VCID-n65t-47bf-fuhr"},{"vulnerability":"VCID-n9zs-555r-yfc1"},{"vulnerability":"VCID-psr3-qnds-p7c5"},{"vulnerability":"VCID-qjsz-wk6u-wbgf"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-sh4y-qxjm-7bgk"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-ukha-ad37-s7ad"},{"vulnerability":"VCID-usjz-km5k-2yfd"},{"vulnerability":"VCID-veps-r1j6-6kd2"},{"vulnerability":"VCID-wcxf-zceg-akah"},{"vulnerability":"VCID-xygs-t8xf-nkbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.2"}],"aliases":["CVE-2022-4732","GHSA-8h43-xg5g-9cj7"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ggfa-2qy1-m7f7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/168680?format=json","vulnerability_id":"VCID-gx36-kf8v-sbam","summary":"Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4647","reference_id":"","reference_type":"","scores":[{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.68217","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4647"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4647","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4647"},{"reference_url":"https://github.com/microweber/microweber/commit/20df56615e61624f5fff149849753869e4b3b936","reference_id":"20df56615e61624f5fff149849753869e4b3b936","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-09T18:17:49Z/"}],"url":"https://github.com/microweber/microweber/commit/20df56615e61624f5fff149849753869e4b3b936"},{"reference_url":"https://huntr.dev/bounties/ccdd243d-726c-4199-b742-25c571491242","reference_id":"ccdd243d-726c-4199-b742-25c571491242","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-09T18:17:49Z/"}],"url":"https://huntr.dev/bounties/ccdd243d-726c-4199-b742-25c571491242"},{"reference_url":"https://github.com/advisories/GHSA-9cmm-52cv-6hvc","reference_id":"GHSA-9cmm-52cv-6hvc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9cmm-52cv-6hvc"}],"fixed_packages":[],"aliases":["CVE-2022-4647","GHSA-9cmm-52cv-6hvc"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gx36-kf8v-sbam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/148581?format=json","vulnerability_id":"VCID-k3p4-2vuv-tyav","summary":"Cross-site Scripting (XSS) - DOM in GitHub repository microweber/microweber prior to 1.3.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0608","reference_id":"","reference_type":"","scores":[{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.64217","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0608"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0608","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0608"},{"reference_url":"https://huntr.dev/bounties/02a86e0d-dff7-4e27-89d5-2f7dcd4b580c","reference_id":"02a86e0d-dff7-4e27-89d5-2f7dcd4b580c","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T20:18:49Z/"}],"url":"https://huntr.dev/bounties/02a86e0d-dff7-4e27-89d5-2f7dcd4b580c"},{"reference_url":"https://github.com/microweber/microweber/commit/20df56615e61624f5fff149849753869e4b3b936","reference_id":"20df56615e61624f5fff149849753869e4b3b936","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T20:18:49Z/"}],"url":"https://github.com/microweber/microweber/commit/20df56615e61624f5fff149849753869e4b3b936"},{"reference_url":"https://github.com/advisories/GHSA-pj97-r83v-vj7f","reference_id":"GHSA-pj97-r83v-vj7f","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pj97-r83v-vj7f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/26892?format=json","purl":"pkg:composer/microweber/microweber@1.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1x1c-v7jt-y7bu"},{"vulnerability":"VCID-3c4d-srts-wkhv"},{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-7fc3-kraq-7bhq"},{"vulnerability":"VCID-8srk-qrj6-3feu"},{"vulnerability":"VCID-8wsk-k3ut-que3"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-fchn-5chy-33ae"},{"vulnerability":"VCID-fh5p-eqra-3ufw"},{"vulnerability":"VCID-kvhh-zc21-guhe"},{"vulnerability":"VCID-n3ea-26qj-wyaz"},{"vulnerability":"VCID-n65t-47bf-fuhr"},{"vulnerability":"VCID-n9zs-555r-yfc1"},{"vulnerability":"VCID-psr3-qnds-p7c5"},{"vulnerability":"VCID-qjsz-wk6u-wbgf"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-sh4y-qxjm-7bgk"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-ukha-ad37-s7ad"},{"vulnerability":"VCID-usjz-km5k-2yfd"},{"vulnerability":"VCID-veps-r1j6-6kd2"},{"vulnerability":"VCID-wcxf-zceg-akah"},{"vulnerability":"VCID-xygs-t8xf-nkbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.2"}],"aliases":["CVE-2023-0608","GHSA-pj97-r83v-vj7f"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k3p4-2vuv-tyav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/174744?format=json","vulnerability_id":"VCID-k9w9-cyp1-kkht","summary":"Code Injection in GitHub repository microweber/microweber prior to 1.3.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3242","reference_id":"","reference_type":"","scores":[{"value":"0.19791","scoring_system":"epss","scoring_elements":"0.95588","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3242"},{"reference_url":"https://huntr.dev/bounties/3e6b218a-a5a6-40d9-9f7e-5ab0c6214faf","reference_id":"3e6b218a-a5a6-40d9-9f7e-5ab0c6214faf","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T13:56:48Z/"}],"url":"https://huntr.dev/bounties/3e6b218a-a5a6-40d9-9f7e-5ab0c6214faf"},{"reference_url":"https://github.com/microweber/microweber/commit/68f0721571653db865a5fa01c7986642c82e919c","reference_id":"68f0721571653db865a5fa01c7986642c82e919c","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T13:56:48Z/"}],"url":"https://github.com/microweber/microweber/commit/68f0721571653db865a5fa01c7986642c82e919c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3242","reference_id":"CVE-2022-3242","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3242"},{"reference_url":"https://github.com/advisories/GHSA-232p-59mg-f98p","reference_id":"GHSA-232p-59mg-f98p","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-232p-59mg-f98p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/26892?format=json","purl":"pkg:composer/microweber/microweber@1.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1x1c-v7jt-y7bu"},{"vulnerability":"VCID-3c4d-srts-wkhv"},{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-7fc3-kraq-7bhq"},{"vulnerability":"VCID-8srk-qrj6-3feu"},{"vulnerability":"VCID-8wsk-k3ut-que3"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-fchn-5chy-33ae"},{"vulnerability":"VCID-fh5p-eqra-3ufw"},{"vulnerability":"VCID-kvhh-zc21-guhe"},{"vulnerability":"VCID-n3ea-26qj-wyaz"},{"vulnerability":"VCID-n65t-47bf-fuhr"},{"vulnerability":"VCID-n9zs-555r-yfc1"},{"vulnerability":"VCID-psr3-qnds-p7c5"},{"vulnerability":"VCID-qjsz-wk6u-wbgf"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-sh4y-qxjm-7bgk"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-ukha-ad37-s7ad"},{"vulnerability":"VCID-usjz-km5k-2yfd"},{"vulnerability":"VCID-veps-r1j6-6kd2"},{"vulnerability":"VCID-wcxf-zceg-akah"},{"vulnerability":"VCID-xygs-t8xf-nkbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.2"}],"aliases":["CVE-2022-3242","GHSA-232p-59mg-f98p"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k9w9-cyp1-kkht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/144372?format=json","vulnerability_id":"VCID-kvhh-zc21-guhe","summary":"Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1881","reference_id":"","reference_type":"","scores":[{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49804","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1881"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1881","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1881"},{"reference_url":"https://github.com/microweber/microweber/commit/8d039de2d615956f6df8df0bb1045ff3be88f183","reference_id":"8d039de2d615956f6df8df0bb1045ff3be88f183","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-10T19:49:59Z/"}],"url":"https://github.com/microweber/microweber/commit/8d039de2d615956f6df8df0bb1045ff3be88f183"},{"reference_url":"https://huntr.dev/bounties/d5ebc2bd-8638-41c4-bf72-7c906c601344","reference_id":"d5ebc2bd-8638-41c4-bf72-7c906c601344","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-10T19:49:59Z/"}],"url":"https://huntr.dev/bounties/d5ebc2bd-8638-41c4-bf72-7c906c601344"},{"reference_url":"https://github.com/advisories/GHSA-hhjm-mpmf-cxg9","reference_id":"GHSA-hhjm-mpmf-cxg9","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hhjm-mpmf-cxg9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379449?format=json","purl":"pkg:composer/microweber/microweber@1.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3c4d-srts-wkhv"},{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-7fc3-kraq-7bhq"},{"vulnerability":"VCID-8srk-qrj6-3feu"},{"vulnerability":"VCID-8wsk-k3ut-que3"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-fchn-5chy-33ae"},{"vulnerability":"VCID-fh5p-eqra-3ufw"},{"vulnerability":"VCID-n3ea-26qj-wyaz"},{"vulnerability":"VCID-n65t-47bf-fuhr"},{"vulnerability":"VCID-n9zs-555r-yfc1"},{"vulnerability":"VCID-psr3-qnds-p7c5"},{"vulnerability":"VCID-qjsz-wk6u-wbgf"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-sh4y-qxjm-7bgk"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-ukha-ad37-s7ad"},{"vulnerability":"VCID-usjz-km5k-2yfd"},{"vulnerability":"VCID-veps-r1j6-6kd2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.3"}],"aliases":["CVE-2023-1881","GHSA-hhjm-mpmf-cxg9"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kvhh-zc21-guhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53465?format=json","vulnerability_id":"VCID-n3ea-26qj-wyaz","summary":"Microweber Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the create new backup function in the endpoint /admin/module/view?type=admin__backup","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33298","reference_id":"","reference_type":"","scores":[{"value":"0.01761","scoring_system":"epss","scoring_elements":"0.83021","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33298"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33298","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33298"},{"reference_url":"https://github.com/MathSabo/CVE-2024-33298","reference_id":"CVE-2024-33298","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-13T15:26:53Z/"}],"url":"https://github.com/MathSabo/CVE-2024-33298"},{"reference_url":"https://github.com/advisories/GHSA-w5g5-4jj3-8f6v","reference_id":"GHSA-w5g5-4jj3-8f6v","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-w5g5-4jj3-8f6v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/733029?format=json","purl":"pkg:composer/microweber/microweber@2.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-9777-zmsz-9ubz"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-qtms-2pgf-w3b1"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-uuhx-pt43-bbga"},{"vulnerability":"VCID-z67f-hdn3-83b7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.10"}],"aliases":["CVE-2024-33298","GHSA-w5g5-4jj3-8f6v"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n3ea-26qj-wyaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/168806?format=json","vulnerability_id":"VCID-n3wm-j66x-p7b8","summary":"Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.3.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4617","reference_id":"","reference_type":"","scores":[{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41392","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4617"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4617","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4617"},{"reference_url":"https://huntr.dev/bounties/1fb2ce08-7016-45fa-b402-ec08d700e4df","reference_id":"1fb2ce08-7016-45fa-b402-ec08d700e4df","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-14T14:21:05Z/"}],"url":"https://huntr.dev/bounties/1fb2ce08-7016-45fa-b402-ec08d700e4df"},{"reference_url":"https://github.com/microweber/microweber/commit/df8add930ecfa7f5b18c67c3f748c137fe890906","reference_id":"df8add930ecfa7f5b18c67c3f748c137fe890906","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-14T14:21:05Z/"}],"url":"https://github.com/microweber/microweber/commit/df8add930ecfa7f5b18c67c3f748c137fe890906"},{"reference_url":"https://github.com/advisories/GHSA-3mmh-vq9w-4c3g","reference_id":"GHSA-3mmh-vq9w-4c3g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3mmh-vq9w-4c3g"}],"fixed_packages":[],"aliases":["CVE-2022-4617","GHSA-3mmh-vq9w-4c3g"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n3wm-j66x-p7b8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/133608?format=json","vulnerability_id":"VCID-n65t-47bf-fuhr","summary":"Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5244","reference_id":"","reference_type":"","scores":[{"value":"0.28933","scoring_system":"epss","scoring_elements":"0.96676","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5244"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5244","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5244"},{"reference_url":"https://github.com/microweber/microweber/commit/1cb846f8f54ff6f5c668f3ae64dd81740a7e8968","reference_id":"1cb846f8f54ff6f5c668f3ae64dd81740a7e8968","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:10:08Z/"}],"url":"https://github.com/microweber/microweber/commit/1cb846f8f54ff6f5c668f3ae64dd81740a7e8968"},{"reference_url":"https://huntr.dev/bounties/a3bd58ba-ca59-4cba-85d1-799f73a76470","reference_id":"a3bd58ba-ca59-4cba-85d1-799f73a76470","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:10:08Z/"}],"url":"https://huntr.dev/bounties/a3bd58ba-ca59-4cba-85d1-799f73a76470"},{"reference_url":"https://github.com/advisories/GHSA-rgf9-j7gv-rq22","reference_id":"GHSA-rgf9-j7gv-rq22","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rgf9-j7gv-rq22"}],"fixed_packages":[],"aliases":["CVE-2023-5244","GHSA-rgf9-j7gv-rq22"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n65t-47bf-fuhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/150949?format=json","vulnerability_id":"VCID-n9zs-555r-yfc1","summary":"Improper Privilege Management in GitHub repository microweber/microweber prior to 1.3.4.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2240","reference_id":"","reference_type":"","scores":[{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.52035","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2240"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2240","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2240"},{"reference_url":"https://huntr.dev/bounties/8f595559-7b4b-4b00-954c-7a627766e203","reference_id":"8f595559-7b4b-4b00-954c-7a627766e203","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-04T19:34:06Z/"}],"url":"https://huntr.dev/bounties/8f595559-7b4b-4b00-954c-7a627766e203"},{"reference_url":"https://github.com/microweber/microweber/commit/f43d5b767ad5814fc5f84bbaf0b77996262f3a4b","reference_id":"f43d5b767ad5814fc5f84bbaf0b77996262f3a4b","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-04T19:34:06Z/"}],"url":"https://github.com/microweber/microweber/commit/f43d5b767ad5814fc5f84bbaf0b77996262f3a4b"},{"reference_url":"https://github.com/advisories/GHSA-r6xq-xcxc-fghx","reference_id":"GHSA-r6xq-xcxc-fghx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r6xq-xcxc-fghx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379351?format=json","purl":"pkg:composer/microweber/microweber@1.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-7fc3-kraq-7bhq"},{"vulnerability":"VCID-8srk-qrj6-3feu"},{"vulnerability":"VCID-8wsk-k3ut-que3"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-fchn-5chy-33ae"},{"vulnerability":"VCID-fh5p-eqra-3ufw"},{"vulnerability":"VCID-n3ea-26qj-wyaz"},{"vulnerability":"VCID-n65t-47bf-fuhr"},{"vulnerability":"VCID-psr3-qnds-p7c5"},{"vulnerability":"VCID-qjsz-wk6u-wbgf"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-sh4y-qxjm-7bgk"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-ukha-ad37-s7ad"},{"vulnerability":"VCID-usjz-km5k-2yfd"},{"vulnerability":"VCID-veps-r1j6-6kd2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.4"}],"aliases":["CVE-2023-2240","GHSA-r6xq-xcxc-fghx"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n9zs-555r-yfc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/142850?format=json","vulnerability_id":"VCID-psr3-qnds-p7c5","summary":"Business Logic Errors in GitHub repository microweber/microweber prior to 2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6832","reference_id":"","reference_type":"","scores":[{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34102","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6832"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6832","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6832"},{"reference_url":"https://huntr.com/bounties/53105a20-f4b1-45ad-a734-0349de6d7376","reference_id":"53105a20-f4b1-45ad-a734-0349de6d7376","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-27T17:05:25Z/"}],"url":"https://huntr.com/bounties/53105a20-f4b1-45ad-a734-0349de6d7376"},{"reference_url":"https://github.com/microweber/microweber/commit/890e9838aabbc799ebefcf6b20ba25e0fd6dbfee","reference_id":"890e9838aabbc799ebefcf6b20ba25e0fd6dbfee","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-27T17:05:25Z/"}],"url":"https://github.com/microweber/microweber/commit/890e9838aabbc799ebefcf6b20ba25e0fd6dbfee"},{"reference_url":"https://github.com/advisories/GHSA-qjfx-fvx7-3wvw","reference_id":"GHSA-qjfx-fvx7-3wvw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qjfx-fvx7-3wvw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379184?format=json","purl":"pkg:composer/microweber/microweber@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-9777-zmsz-9ubz"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-fchn-5chy-33ae"},{"vulnerability":"VCID-fh5p-eqra-3ufw"},{"vulnerability":"VCID-n3ea-26qj-wyaz"},{"vulnerability":"VCID-qjsz-wk6u-wbgf"},{"vulnerability":"VCID-qtms-2pgf-w3b1"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-sh4y-qxjm-7bgk"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-uuhx-pt43-bbga"},{"vulnerability":"VCID-z67f-hdn3-83b7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.0"}],"aliases":["CVE-2023-6832","GHSA-qjfx-fvx7-3wvw"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-psr3-qnds-p7c5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/357525?format=json","vulnerability_id":"VCID-qjsz-wk6u-wbgf","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49052","reference_id":"","reference_type":"","scores":[{"value":"0.26275","scoring_system":"epss","scoring_elements":"0.96428","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49052"},{"reference_url":"https://github.com/Cyber-Wo0dy/CVE-2023-49052","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Cyber-Wo0dy/CVE-2023-49052"},{"reference_url":"https://github.com/Cyber-Wo0dy/report/blob/main/microweber/v2.0.4/microweber_unrestricted_upload","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Cyber-Wo0dy/report/blob/main/microweber/v2.0.4/microweber_unrestricted_upload"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-49052","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-49052"},{"reference_url":"https://github.com/advisories/GHSA-2c7x-w3mx-h7p6","reference_id":"GHSA-2c7x-w3mx-h7p6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2c7x-w3mx-h7p6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/668058?format=json","purl":"pkg:composer/microweber/microweber@2.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-9777-zmsz-9ubz"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-fchn-5chy-33ae"},{"vulnerability":"VCID-fh5p-eqra-3ufw"},{"vulnerability":"VCID-n3ea-26qj-wyaz"},{"vulnerability":"VCID-qtms-2pgf-w3b1"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-uuhx-pt43-bbga"},{"vulnerability":"VCID-z67f-hdn3-83b7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.5"}],"aliases":["CVE-2023-49052","GHSA-2c7x-w3mx-h7p6"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qjsz-wk6u-wbgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/173190?format=json","vulnerability_id":"VCID-r8ve-v7b7-hugf","summary":"Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the 'select-file' parameter.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0698","reference_id":"","reference_type":"","scores":[{"value":"0.02106","scoring_system":"epss","scoring_elements":"0.84453","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0698"},{"reference_url":"https://fluidattacks.com/advisories/garrix","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://fluidattacks.com/advisories/garrix"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0698","reference_id":"CVE-2022-0698","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0698"},{"reference_url":"https://fluidattacks.com/advisories/garrix/","reference_id":"garrix","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T17:34:42Z/"}],"url":"https://fluidattacks.com/advisories/garrix/"},{"reference_url":"https://github.com/advisories/GHSA-79gx-3fm8-qxqq","reference_id":"GHSA-79gx-3fm8-qxqq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-79gx-3fm8-qxqq"},{"reference_url":"https://github.com/microweber/microweber/","reference_id":"microweber","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T17:34:42Z/"}],"url":"https://github.com/microweber/microweber/"}],"fixed_packages":[],"aliases":["CVE-2022-0698","GHSA-79gx-3fm8-qxqq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r8ve-v7b7-hugf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/117589?format=json","vulnerability_id":"VCID-rhgx-1faw-2yaz","summary":"Cross Site Scripting vulnerability in the \"/admin/category/create\" endpoint of Microweber 2.0.19. An attacker can manipulate the \"rel_id\" parameter in a crafted URL and lure a user with admin privileges into visiting it, achieving JavaScript code execution in the victim's browser. The issue was reported to the developers and fixed in version 2.0.20.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-70792","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07271","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-70792"},{"reference_url":"https://github.com/microweber/microweber/commit/aa0791fc286d785ccd33ccc706f7bb3ed05b1d7f","reference_id":"aa0791fc286d785ccd33ccc706f7bb3ed05b1d7f","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T20:49:30Z/"}],"url":"https://github.com/microweber/microweber/commit/aa0791fc286d785ccd33ccc706f7bb3ed05b1d7f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-70792","reference_id":"CVE-2025-70792","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-70792"},{"reference_url":"https://gist.github.com/TimRecktenwald/f4b0d1edbb87e75c17c639ca0bacba57","reference_id":"f4b0d1edbb87e75c17c639ca0bacba57","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T20:49:30Z/"}],"url":"https://gist.github.com/TimRecktenwald/f4b0d1edbb87e75c17c639ca0bacba57"},{"reference_url":"https://github.com/advisories/GHSA-6w5w-jx4x-vjvw","reference_id":"GHSA-6w5w-jx4x-vjvw","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6w5w-jx4x-vjvw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38786?format=json","purl":"pkg:composer/microweber/microweber@2.0.20","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.20"}],"aliases":["CVE-2025-70792","GHSA-6w5w-jx4x-vjvw"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rhgx-1faw-2yaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175027?format=json","vulnerability_id":"VCID-rxfu-pwdn-ebf2","summary":"HTML injection attack is closely related to Cross-site Scripting (XSS). HTML injection uses HTML to deface the page. XSS, as the name implies, injects JavaScript into the page. Both attacks exploit insufficient validation of user input.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3245","reference_id":"","reference_type":"","scores":[{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62851","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3245"},{"reference_url":"https://huntr.dev/bounties/747c2924-95ca-4311-9e69-58ee0fb440a0","reference_id":"747c2924-95ca-4311-9e69-58ee0fb440a0","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-27T18:08:10Z/"}],"url":"https://huntr.dev/bounties/747c2924-95ca-4311-9e69-58ee0fb440a0"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3245","reference_id":"CVE-2022-3245","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3245"},{"reference_url":"https://github.com/microweber/microweber/commit/f20abf30a1d9c1426c5fb757ac63998dc5b92bfc","reference_id":"f20abf30a1d9c1426c5fb757ac63998dc5b92bfc","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-27T18:08:10Z/"}],"url":"https://github.com/microweber/microweber/commit/f20abf30a1d9c1426c5fb757ac63998dc5b92bfc"},{"reference_url":"https://github.com/advisories/GHSA-gm8c-w9cm-c445","reference_id":"GHSA-gm8c-w9cm-c445","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gm8c-w9cm-c445"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/26892?format=json","purl":"pkg:composer/microweber/microweber@1.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1x1c-v7jt-y7bu"},{"vulnerability":"VCID-3c4d-srts-wkhv"},{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-7fc3-kraq-7bhq"},{"vulnerability":"VCID-8srk-qrj6-3feu"},{"vulnerability":"VCID-8wsk-k3ut-que3"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-fchn-5chy-33ae"},{"vulnerability":"VCID-fh5p-eqra-3ufw"},{"vulnerability":"VCID-kvhh-zc21-guhe"},{"vulnerability":"VCID-n3ea-26qj-wyaz"},{"vulnerability":"VCID-n65t-47bf-fuhr"},{"vulnerability":"VCID-n9zs-555r-yfc1"},{"vulnerability":"VCID-psr3-qnds-p7c5"},{"vulnerability":"VCID-qjsz-wk6u-wbgf"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-sh4y-qxjm-7bgk"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-ukha-ad37-s7ad"},{"vulnerability":"VCID-usjz-km5k-2yfd"},{"vulnerability":"VCID-veps-r1j6-6kd2"},{"vulnerability":"VCID-wcxf-zceg-akah"},{"vulnerability":"VCID-xygs-t8xf-nkbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.2"}],"aliases":["CVE-2022-3245","GHSA-gm8c-w9cm-c445"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rxfu-pwdn-ebf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/117580?format=json","vulnerability_id":"VCID-rxv1-tbd2-y3h8","summary":"Cross Site Scripting vulnerability in the \"/admin/order/abandoned\" endpoint of Microweber 2.0.19. An attacker can manipulate the \"orderDirection\" parameter in a crafted URL and lure a user with admin privileges into visiting it, achieving JavaScript code execution in the victim's browser. The issue was reported to the developers and fixed in version 2.0.20.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-70791","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07271","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-70791"},{"reference_url":"https://gist.github.com/TimRecktenwald/9615b9915a4cacda9f57bb57f13ab6d4","reference_id":"9615b9915a4cacda9f57bb57f13ab6d4","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T20:52:24Z/"}],"url":"https://gist.github.com/TimRecktenwald/9615b9915a4cacda9f57bb57f13ab6d4"},{"reference_url":"https://github.com/microweber/microweber/commit/aa0791fc286d785ccd33ccc706f7bb3ed05b1d7f","reference_id":"aa0791fc286d785ccd33ccc706f7bb3ed05b1d7f","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T20:52:24Z/"}],"url":"https://github.com/microweber/microweber/commit/aa0791fc286d785ccd33ccc706f7bb3ed05b1d7f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-70791","reference_id":"CVE-2025-70791","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-70791"},{"reference_url":"https://github.com/advisories/GHSA-5jg5-xqfw-rv92","reference_id":"GHSA-5jg5-xqfw-rv92","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5jg5-xqfw-rv92"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38786?format=json","purl":"pkg:composer/microweber/microweber@2.0.20","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.20"}],"aliases":["CVE-2025-70791","GHSA-5jg5-xqfw-rv92"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rxv1-tbd2-y3h8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/147804?format=json","vulnerability_id":"VCID-sh4y-qxjm-7bgk","summary":"Microweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-47379","reference_id":"","reference_type":"","scores":[{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36364","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-47379"},{"reference_url":"https://github.com/microweber/microweber/commit/a481f079d74e82f6094abf15d67e814349d1038a","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/a481f079d74e82f6094abf15d67e814349d1038a"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-47379","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-47379"},{"reference_url":"https://www.getastra.com/blog/security-audit/stored-xss-vulnerability","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.getastra.com/blog/security-audit/stored-xss-vulnerability"},{"reference_url":"https://github.com/microweber/microweber/commit/c6e7ea9d0abd7564a3bb23c14ad172e4ccf27a7e#diff-fac4e7e9eca69c10d074bf8c5eac7f64b018c6b4d91dcad54b340a8560049e00","reference_id":"c6e7ea9d0abd7564a3bb23c14ad172e4ccf27a7e#diff-fac4e7e9eca69c10d074bf8c5eac7f64b018c6b4d91dcad54b340a8560049e00","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T19:51:46Z/"}],"url":"https://github.com/microweber/microweber/commit/c6e7ea9d0abd7564a3bb23c14ad172e4ccf27a7e#diff-fac4e7e9eca69c10d074bf8c5eac7f64b018c6b4d91dcad54b340a8560049e00"},{"reference_url":"https://github.com/microweber/microweber/blob/master/CHANGELOG.md","reference_id":"CHANGELOG.md","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T19:51:46Z/"}],"url":"https://github.com/microweber/microweber/blob/master/CHANGELOG.md"},{"reference_url":"https://github.com/advisories/GHSA-jmwm-w2rm-prv9","reference_id":"GHSA-jmwm-w2rm-prv9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jmwm-w2rm-prv9"},{"reference_url":"https://www.getastra.com/blog/security-audit/stored-xss-vulnerability/","reference_id":"stored-xss-vulnerability","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T19:51:46Z/"}],"url":"https://www.getastra.com/blog/security-audit/stored-xss-vulnerability/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/381059?format=json","purl":"pkg:composer/microweber/microweber@2.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-7us8-dpph-pfhr"},{"vulnerability":"VCID-9777-zmsz-9ubz"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-fchn-5chy-33ae"},{"vulnerability":"VCID-fh5p-eqra-3ufw"},{"vulnerability":"VCID-n3ea-26qj-wyaz"},{"vulnerability":"VCID-qjsz-wk6u-wbgf"},{"vulnerability":"VCID-qtms-2pgf-w3b1"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-uuhx-pt43-bbga"},{"vulnerability":"VCID-z67f-hdn3-83b7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.3"}],"aliases":["CVE-2023-47379","GHSA-jmwm-w2rm-prv9"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sh4y-qxjm-7bgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62585?format=json","vulnerability_id":"VCID-t6er-zqcu-d7bn","summary":"A Reflected Cross-site scripting (XSS) vulnerability exists in '/search' in microweber 2.0.15 and earlier allowing unauthenticated remote attackers to inject arbitrary web script or HTML via the 'keywords' parameter.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-40101","reference_id":"","reference_type":"","scores":[{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.7891","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-40101"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Aug/1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2024/Aug/1"},{"reference_url":"https://github.com/microweber/microweber/commit/0dede6886c6df3d1f31c4f4e3ba1ab4a336fbf79","reference_id":"0dede6886c6df3d1f31c4f4e3ba1ab4a336fbf79","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T13:46:28Z/"}],"url":"https://github.com/microweber/microweber/commit/0dede6886c6df3d1f31c4f4e3ba1ab4a336fbf79"},{"reference_url":"https://seclists.org/fulldisclosure/2024/Aug/1","reference_id":"1","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T13:46:28Z/"}],"url":"https://seclists.org/fulldisclosure/2024/Aug/1"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-40101","reference_id":"CVE-2024-40101","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-40101"},{"reference_url":"https://github.com/advisories/GHSA-m99v-mmg2-66vf","reference_id":"GHSA-m99v-mmg2-66vf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m99v-mmg2-66vf"},{"reference_url":"http://microweber.com","reference_id":"microweber.com","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T13:46:28Z/"}],"url":"http://microweber.com"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32904?format=json","purl":"pkg:composer/microweber/microweber@2.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-9777-zmsz-9ubz"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-qtms-2pgf-w3b1"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-uuhx-pt43-bbga"},{"vulnerability":"VCID-z67f-hdn3-83b7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.16"}],"aliases":["CVE-2024-40101","GHSA-m99v-mmg2-66vf"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t6er-zqcu-d7bn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/133831?format=json","vulnerability_id":"VCID-ukha-ad37-s7ad","summary":"Improper Access Control in GitHub repository microweber/microweber prior to 2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5976","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23684","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5976"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5976","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5976"},{"reference_url":"https://huntr.com/bounties/2004e4a9-c5f6-406a-89b0-571f808882fa","reference_id":"2004e4a9-c5f6-406a-89b0-571f808882fa","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T19:05:02Z/"}],"url":"https://huntr.com/bounties/2004e4a9-c5f6-406a-89b0-571f808882fa"},{"reference_url":"https://github.com/microweber/microweber/commit/bc537ebe235bf9924c6557a46114f5f9557cd16a","reference_id":"bc537ebe235bf9924c6557a46114f5f9557cd16a","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T19:05:02Z/"}],"url":"https://github.com/microweber/microweber/commit/bc537ebe235bf9924c6557a46114f5f9557cd16a"},{"reference_url":"https://github.com/advisories/GHSA-q57g-38pc-jwv8","reference_id":"GHSA-q57g-38pc-jwv8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q57g-38pc-jwv8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379184?format=json","purl":"pkg:composer/microweber/microweber@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-9777-zmsz-9ubz"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-fchn-5chy-33ae"},{"vulnerability":"VCID-fh5p-eqra-3ufw"},{"vulnerability":"VCID-n3ea-26qj-wyaz"},{"vulnerability":"VCID-qjsz-wk6u-wbgf"},{"vulnerability":"VCID-qtms-2pgf-w3b1"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-sh4y-qxjm-7bgk"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-uuhx-pt43-bbga"},{"vulnerability":"VCID-z67f-hdn3-83b7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.0"}],"aliases":["CVE-2023-5976","GHSA-q57g-38pc-jwv8"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ukha-ad37-s7ad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/133740?format=json","vulnerability_id":"VCID-usjz-km5k-2yfd","summary":"Use of Hard-coded Credentials in GitHub repository microweber/microweber prior to 2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5318","reference_id":"","reference_type":"","scores":[{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56333","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5318"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5318","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5318"},{"reference_url":"https://huntr.dev/bounties/17826bdd-8136-48ae-afb9-af627cb6fd5d","reference_id":"17826bdd-8136-48ae-afb9-af627cb6fd5d","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:21:58Z/"}],"url":"https://huntr.dev/bounties/17826bdd-8136-48ae-afb9-af627cb6fd5d"},{"reference_url":"https://github.com/microweber/microweber/commit/c48b34dfd6cae7a55b452280d692dc62512574b0","reference_id":"c48b34dfd6cae7a55b452280d692dc62512574b0","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:21:58Z/"}],"url":"https://github.com/microweber/microweber/commit/c48b34dfd6cae7a55b452280d692dc62512574b0"},{"reference_url":"https://github.com/advisories/GHSA-r657-3wqh-g2x9","reference_id":"GHSA-r657-3wqh-g2x9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r657-3wqh-g2x9"}],"fixed_packages":[],"aliases":["CVE-2023-5318","GHSA-r657-3wqh-g2x9"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-usjz-km5k-2yfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/133940?format=json","vulnerability_id":"VCID-veps-r1j6-6kd2","summary":"Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5861","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22488","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5861"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5861","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5861"},{"reference_url":"https://github.com/microweber/microweber/commit/6ed7ebf1631dd8f0780caa4151a5538f3b227d26","reference_id":"6ed7ebf1631dd8f0780caa4151a5538f3b227d26","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T17:52:21Z/"}],"url":"https://github.com/microweber/microweber/commit/6ed7ebf1631dd8f0780caa4151a5538f3b227d26"},{"reference_url":"https://huntr.com/bounties/7baecef8-6c59-42fc-bced-886c4929e220","reference_id":"7baecef8-6c59-42fc-bced-886c4929e220","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T17:52:21Z/"}],"url":"https://huntr.com/bounties/7baecef8-6c59-42fc-bced-886c4929e220"},{"reference_url":"https://github.com/advisories/GHSA-7q5f-29gx-57ff","reference_id":"GHSA-7q5f-29gx-57ff","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7q5f-29gx-57ff"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379184?format=json","purl":"pkg:composer/microweber/microweber@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-9777-zmsz-9ubz"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-fchn-5chy-33ae"},{"vulnerability":"VCID-fh5p-eqra-3ufw"},{"vulnerability":"VCID-n3ea-26qj-wyaz"},{"vulnerability":"VCID-qjsz-wk6u-wbgf"},{"vulnerability":"VCID-qtms-2pgf-w3b1"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-sh4y-qxjm-7bgk"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-uuhx-pt43-bbga"},{"vulnerability":"VCID-z67f-hdn3-83b7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.0"}],"aliases":["CVE-2023-5861","GHSA-7q5f-29gx-57ff"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-veps-r1j6-6kd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/354973?format=json","vulnerability_id":"VCID-wcxf-zceg-akah","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1081","reference_id":"","reference_type":"","scores":[{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53415","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1081"},{"reference_url":"https://github.com/microweber/microweber/commit/29d418461d8407688f2720e7b4be915e03fc16c1","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/29d418461d8407688f2720e7b4be915e03fc16c1"},{"reference_url":"https://huntr.dev/bounties/cf59deed-9d43-4552-acfd-43f38f3aabba","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/cf59deed-9d43-4552-acfd-43f38f3aabba"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1081","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1081"},{"reference_url":"https://github.com/advisories/GHSA-c2rc-8m9f-g4fh","reference_id":"GHSA-c2rc-8m9f-g4fh","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c2rc-8m9f-g4fh"}],"fixed_packages":[],"aliases":["CVE-2023-1081","GHSA-c2rc-8m9f-g4fh"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wcxf-zceg-akah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/151118?format=json","vulnerability_id":"VCID-xygs-t8xf-nkbu","summary":"Cross-site Scripting (XSS) - Generic in GitHub repository microweber/microweber prior to 1.3.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2014","reference_id":"","reference_type":"","scores":[{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.55045","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2014"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2014","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2014"},{"reference_url":"https://github.com/microweber/microweber/commit/1a9b904722b35b00653c6ae72dca2969149159b3","reference_id":"1a9b904722b35b00653c6ae72dca2969149159b3","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:37:48Z/"}],"url":"https://github.com/microweber/microweber/commit/1a9b904722b35b00653c6ae72dca2969149159b3"},{"reference_url":"https://huntr.dev/bounties/a77bf7ed-6b61-452e-b5ee-e20017e28d1a","reference_id":"a77bf7ed-6b61-452e-b5ee-e20017e28d1a","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:37:48Z/"}],"url":"https://huntr.dev/bounties/a77bf7ed-6b61-452e-b5ee-e20017e28d1a"},{"reference_url":"https://github.com/advisories/GHSA-f4g6-c47x-qhww","reference_id":"GHSA-f4g6-c47x-qhww","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f4g6-c47x-qhww"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379449?format=json","purl":"pkg:composer/microweber/microweber@1.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3c4d-srts-wkhv"},{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-7fc3-kraq-7bhq"},{"vulnerability":"VCID-8srk-qrj6-3feu"},{"vulnerability":"VCID-8wsk-k3ut-que3"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-fchn-5chy-33ae"},{"vulnerability":"VCID-fh5p-eqra-3ufw"},{"vulnerability":"VCID-n3ea-26qj-wyaz"},{"vulnerability":"VCID-n65t-47bf-fuhr"},{"vulnerability":"VCID-n9zs-555r-yfc1"},{"vulnerability":"VCID-psr3-qnds-p7c5"},{"vulnerability":"VCID-qjsz-wk6u-wbgf"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-sh4y-qxjm-7bgk"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-ukha-ad37-s7ad"},{"vulnerability":"VCID-usjz-km5k-2yfd"},{"vulnerability":"VCID-veps-r1j6-6kd2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.3"}],"aliases":["CVE-2023-2014","GHSA-f4g6-c47x-qhww"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xygs-t8xf-nkbu"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/211185?format=json","vulnerability_id":"VCID-emcr-wtgm-eqba","summary":"Microweber's title parameter in the body of POST request vulnerable to stored XSS","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2777","reference_id":"","reference_type":"","scores":[{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34074","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2777"},{"reference_url":"https://github.com/microweber/microweber/commit/60eef7494211d1c458228c321e986edeaa401a58","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/60eef7494211d1c458228c321e986edeaa401a58"},{"reference_url":"https://huntr.dev/bounties/13dd2f4d-0c7f-483e-a771-e1ed2ff1c36f","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/13dd2f4d-0c7f-483e-a771-e1ed2ff1c36f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2777","reference_id":"CVE-2022-2777","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2777"},{"reference_url":"https://github.com/advisories/GHSA-cf6r-q678-f2p7","reference_id":"GHSA-cf6r-q678-f2p7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cf6r-q678-f2p7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/25752?format=json","purl":"pkg:composer/microweber/microweber@1.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1x1c-v7jt-y7bu"},{"vulnerability":"VCID-3c4d-srts-wkhv"},{"vulnerability":"VCID-3t19-bmzs-9ybe"},{"vulnerability":"VCID-76at-yua8-pfds"},{"vulnerability":"VCID-7fc3-kraq-7bhq"},{"vulnerability":"VCID-8srk-qrj6-3feu"},{"vulnerability":"VCID-8wsk-k3ut-que3"},{"vulnerability":"VCID-deq4-1rsn-97fb"},{"vulnerability":"VCID-fchn-5chy-33ae"},{"vulnerability":"VCID-fh5p-eqra-3ufw"},{"vulnerability":"VCID-ggfa-2qy1-m7f7"},{"vulnerability":"VCID-gx36-kf8v-sbam"},{"vulnerability":"VCID-k3p4-2vuv-tyav"},{"vulnerability":"VCID-k9w9-cyp1-kkht"},{"vulnerability":"VCID-kvhh-zc21-guhe"},{"vulnerability":"VCID-n3ea-26qj-wyaz"},{"vulnerability":"VCID-n3wm-j66x-p7b8"},{"vulnerability":"VCID-n65t-47bf-fuhr"},{"vulnerability":"VCID-n9zs-555r-yfc1"},{"vulnerability":"VCID-psr3-qnds-p7c5"},{"vulnerability":"VCID-qjsz-wk6u-wbgf"},{"vulnerability":"VCID-r8ve-v7b7-hugf"},{"vulnerability":"VCID-rhgx-1faw-2yaz"},{"vulnerability":"VCID-rxfu-pwdn-ebf2"},{"vulnerability":"VCID-rxv1-tbd2-y3h8"},{"vulnerability":"VCID-sh4y-qxjm-7bgk"},{"vulnerability":"VCID-t6er-zqcu-d7bn"},{"vulnerability":"VCID-ukha-ad37-s7ad"},{"vulnerability":"VCID-usjz-km5k-2yfd"},{"vulnerability":"VCID-veps-r1j6-6kd2"},{"vulnerability":"VCID-wcxf-zceg-akah"},{"vulnerability":"VCID-xygs-t8xf-nkbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.1"}],"aliases":["CVE-2022-2777","GHSA-cf6r-q678-f2p7"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-emcr-wtgm-eqba"}],"risk_score":"3.1","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.1"}