Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/mayan-edms@3.0.1
Typepypi
Namespace
Namemayan-edms
Version3.0.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.10.2
Latest_non_vulnerable_version4.10.2
Affected_by_vulnerabilities
0
url VCID-96t5-779e-13fg
vulnerability_id VCID-96t5-779e-13fg
summary mayan-edms Cross-site Scripting vulnerability
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16405
reference_id
reference_type
scores
0
value 0.00317
scoring_system epss
scoring_elements 0.55179
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16405
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms-ng/PYSEC-2018-16.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms-ng/PYSEC-2018-16.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms/PYSEC-2018-106.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms/PYSEC-2018-106.yaml
3
reference_url https://gitlab.com/mayan-edms/mayan-edms
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms
4
reference_url https://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst
5
reference_url https://gitlab.com/mayan-edms/mayan-edms/commit/9ebe80595afe4fdd1e2c74358d6a9421f4ce130e
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms/commit/9ebe80595afe4fdd1e2c74358d6a9421f4ce130e
6
reference_url https://gitlab.com/mayan-edms/mayan-edms/issues/494
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms/issues/494
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-16405
reference_id CVE-2018-16405
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-16405
8
reference_url https://github.com/advisories/GHSA-fpcv-j2q9-vqhw
reference_id GHSA-fpcv-j2q9-vqhw
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-fpcv-j2q9-vqhw
fixed_packages
0
url pkg:pypi/mayan-edms@3.0.2
purl pkg:pypi/mayan-edms@3.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-eee8-qf85-w3af
1
vulnerability VCID-r5ms-nbvw-9bc5
2
vulnerability VCID-sh5t-g7f6-w7h7
3
vulnerability VCID-tjeg-gs3c-skb9
4
vulnerability VCID-zhby-a265-ubf5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@3.0.2
aliases CVE-2018-16405, GHSA-fpcv-j2q9-vqhw, PYSEC-2018-106, PYSEC-2018-16
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-96t5-779e-13fg
1
url VCID-eee8-qf85-w3af
vulnerability_id VCID-eee8-qf85-w3af
summary Moderate severity vulnerability that affects mayan-edms
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16407
reference_id
reference_type
scores
0
value 0.0029
scoring_system epss
scoring_elements 0.52765
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16407
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms/PYSEC-2018-15.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms/PYSEC-2018-15.yaml
2
reference_url https://gitlab.com/mayan-edms/mayan-edms
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms
3
reference_url https://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst
4
reference_url https://gitlab.com/mayan-edms/mayan-edms/commit/076468a9225e4630a463c0bbceb8e5b805fe380c
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms/commit/076468a9225e4630a463c0bbceb8e5b805fe380c
5
reference_url https://gitlab.com/mayan-edms/mayan-edms/issues/496
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms/issues/496
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-16407
reference_id CVE-2018-16407
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-16407
7
reference_url https://github.com/advisories/GHSA-5h6m-9mvx-m6c5
reference_id GHSA-5h6m-9mvx-m6c5
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-5h6m-9mvx-m6c5
fixed_packages
0
url pkg:pypi/mayan-edms@3.0.3
purl pkg:pypi/mayan-edms@3.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r5ms-nbvw-9bc5
1
vulnerability VCID-sh5t-g7f6-w7h7
2
vulnerability VCID-tjeg-gs3c-skb9
3
vulnerability VCID-zhby-a265-ubf5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@3.0.3
aliases CVE-2018-16407, GHSA-5h6m-9mvx-m6c5, PYSEC-2018-15
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eee8-qf85-w3af
2
url VCID-mvvp-s1an-nuc9
vulnerability_id VCID-mvvp-s1an-nuc9
summary Moderate severity vulnerability that affects mayan-edms
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16406
reference_id
reference_type
scores
0
value 0.00272
scoring_system epss
scoring_elements 0.50943
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16406
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms/PYSEC-2018-14.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms/PYSEC-2018-14.yaml
2
reference_url https://gitlab.com/mayan-edms/mayan-edms
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms
3
reference_url https://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst
4
reference_url https://gitlab.com/mayan-edms/mayan-edms/commit/48dfc06e49c7f773749e063f8cc69c95509d1c32
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms/commit/48dfc06e49c7f773749e063f8cc69c95509d1c32
5
reference_url https://gitlab.com/mayan-edms/mayan-edms/issues/495
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms/issues/495
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-16406
reference_id CVE-2018-16406
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-16406
7
reference_url https://github.com/advisories/GHSA-5r76-cjf4-c9qx
reference_id GHSA-5r76-cjf4-c9qx
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-5r76-cjf4-c9qx
fixed_packages
0
url pkg:pypi/mayan-edms@3.0.2
purl pkg:pypi/mayan-edms@3.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-eee8-qf85-w3af
1
vulnerability VCID-r5ms-nbvw-9bc5
2
vulnerability VCID-sh5t-g7f6-w7h7
3
vulnerability VCID-tjeg-gs3c-skb9
4
vulnerability VCID-zhby-a265-ubf5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@3.0.2
aliases CVE-2018-16406, GHSA-5r76-cjf4-c9qx, PYSEC-2018-14
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mvvp-s1an-nuc9
3
url VCID-r5ms-nbvw-9bc5
vulnerability_id VCID-r5ms-nbvw-9bc5
summary An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-47419
reference_id
reference_type
scores
0
value 0.00264
scoring_system epss
scoring_elements 0.50221
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-47419
1
reference_url https://github.com/mayan-edms/Mayan-EDMS
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mayan-edms/Mayan-EDMS
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms/PYSEC-2023-276.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms/PYSEC-2023-276.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-47419
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-47419
4
reference_url https://www.mayan-edms.com/news/2023/02/version-4.3.6
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.mayan-edms.com/news/2023/02/version-4.3.6
5
reference_url https://www.rapid7.com/blog/post/2023/02/07/multiple-dms-xss-cve-2022-47412-through-cve-20222-47419
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.rapid7.com/blog/post/2023/02/07/multiple-dms-xss-cve-2022-47412-through-cve-20222-47419
6
reference_url https://github.com/advisories/GHSA-5m6v-2xgf-qhrw
reference_id GHSA-5m6v-2xgf-qhrw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5m6v-2xgf-qhrw
7
reference_url https://www.rapid7.com/blog/post/2023/02/07/multiple-dms-xss-cve-2022-47412-through-cve-20222-47419/
reference_id multiple-dms-xss-cve-2022-47412-through-cve-20222-47419
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-25T14:02:51Z/
url https://www.rapid7.com/blog/post/2023/02/07/multiple-dms-xss-cve-2022-47412-through-cve-20222-47419/
8
reference_url https://www.mayan-edms.com/news/2023/02/version-4.3.6/
reference_id version-4.3.6
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-25T14:02:51Z/
url https://www.mayan-edms.com/news/2023/02/version-4.3.6/
fixed_packages
0
url pkg:pypi/mayan-edms@4.3.6
purl pkg:pypi/mayan-edms@4.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-tjeg-gs3c-skb9
1
vulnerability VCID-zhby-a265-ubf5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@4.3.6
1
url pkg:pypi/mayan-edms@4.4
purl pkg:pypi/mayan-edms@4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-tjeg-gs3c-skb9
1
vulnerability VCID-zhby-a265-ubf5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@4.4
aliases CVE-2022-47419, GHSA-5m6v-2xgf-qhrw, PYSEC-2023-276
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r5ms-nbvw-9bc5
4
url VCID-sh5t-g7f6-w7h7
vulnerability_id VCID-sh5t-g7f6-w7h7
summary Multiple cross-site scripting (XSS) vulnerabilities in apps/common/templates/calculate_form_title.html in Mayan EDMS 0.13 allow remote authenticated users to inject arbitrary web script or HTML via a (1) tag or the (2) title of a source in a Staging folder, (3) Name field in a bootstrap setup, or Title field in a (4) smart link or (5) web form.
references
0
reference_url http://research.openflare.org/advisories/OF-2014-09/mayan-edbs-storedxss.txt
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://research.openflare.org/advisories/OF-2014-09/mayan-edbs-storedxss.txt
1
reference_url http://research.openflare.org/poc/maya-edms/maya-edms_multiple_xss.avi
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://research.openflare.org/poc/maya-edms/maya-edms_multiple_xss.avi
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3840
reference_id
reference_type
scores
0
value 0.01071
scoring_system epss
scoring_elements 0.7815
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3840
3
reference_url http://seclists.org/oss-sec/2014/q2/349
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2014/q2/349
4
reference_url http://seclists.org/oss-sec/2014/q2/352
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2014/q2/352
5
reference_url https://github.com/advisories/GHSA-wpvx-26f7-65q3
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-wpvx-26f7-65q3
6
reference_url https://github.com/mayan-edms/Mayan-EDMS
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mayan-edms/Mayan-EDMS
7
reference_url https://github.com/mayan-edms/mayan-edms/commit/398c480c10416d76e7c1dcb607e726e8fc988e72
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mayan-edms/mayan-edms/commit/398c480c10416d76e7c1dcb607e726e8fc988e72
8
reference_url https://github.com/mayan-edms/mayan-edms/issues/3
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mayan-edms/mayan-edms/issues/3
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms/PYSEC-2014-110.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms/PYSEC-2014-110.yaml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3840
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3840
11
reference_url http://www.exploit-db.com/exploits/33493
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.exploit-db.com/exploits/33493
12
reference_url http://www.securityfocus.com/bid/67552
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/67552
13
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/33493.txt
reference_id CVE-2014-3840;OSVDB-107292;OSVDB-107291;OSVDB-107290;OSVDB-107289
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/33493.txt
fixed_packages
aliases CVE-2014-3840, GHSA-wpvx-26f7-65q3, PYSEC-2014-110
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sh5t-g7f6-w7h7
5
url VCID-tjeg-gs3c-skb9
vulnerability_id VCID-tjeg-gs3c-skb9
summary A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-14691
reference_id
reference_type
scores
0
value 0.0006
scoring_system epss
scoring_elements 0.18965
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-14691
1
reference_url https://github.com/mayan-edms/Mayan-EDMS
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/mayan-edms/Mayan-EDMS
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms/PYSEC-2025-134.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms/PYSEC-2025-134.yaml
3
reference_url https://gitlab.com/mayan-edms/mayan-edms/-/commit/45355cbb45a28f61f38f719112d0ff422e6dc688
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms/-/commit/45355cbb45a28f61f38f719112d0ff422e6dc688
4
reference_url https://gitlab.com/mayan-edms/mayan-edms/-/commit/94032fbe553e97b33e4e9b9e731b4fc45f9d9f91
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms/-/commit/94032fbe553e97b33e4e9b9e731b4fc45f9d9f91
5
reference_url https://gitlab.com/mayan-edms/mayan-edms/-/commit/da9de60a9b84f11d5d2c7bbf118fe696b4f6357e
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms/-/commit/da9de60a9b84f11d5d2c7bbf118fe696b4f6357e
6
reference_url https://docs.mayan-edms.com/chapters/releases/4.10.2.html
reference_id 4.10.2.html
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
3
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
5
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
6
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
7
value LOW
scoring_system generic_textual
scoring_elements
8
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T20:06:05Z/
url https://docs.mayan-edms.com/chapters/releases/4.10.2.html
7
reference_url https://docs.mayan-edms.com/chapters/releases/4.10.2.html#security
reference_id 4.10.2.html#security
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
3
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
5
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
6
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
7
value LOW
scoring_system generic_textual
scoring_elements
8
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T20:06:05Z/
url https://docs.mayan-edms.com/chapters/releases/4.10.2.html#security
8
reference_url https://vuldb.com/?ctiid.336409
reference_id ?ctiid.336409
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
3
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
5
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
6
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
7
value LOW
scoring_system generic_textual
scoring_elements
8
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T20:06:05Z/
url https://vuldb.com/?ctiid.336409
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-14691
reference_id CVE-2025-14691
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-14691
10
reference_url https://github.com/advisories/GHSA-774q-r975-vqwp
reference_id GHSA-774q-r975-vqwp
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-774q-r975-vqwp
11
reference_url https://vuldb.com/?id.336409
reference_id ?id.336409
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
3
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
4
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
5
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
6
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
7
value LOW
scoring_system generic_textual
scoring_elements
8
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T20:06:05Z/
url https://vuldb.com/?id.336409
12
reference_url https://github.com/ionutluca888/Mayan-EDMS-XSS-POC
reference_id Mayan-EDMS-XSS-POC
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
3
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
4
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
5
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
6
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
7
value LOW
scoring_system generic_textual
scoring_elements
8
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T20:06:05Z/
url https://github.com/ionutluca888/Mayan-EDMS-XSS-POC
13
reference_url https://vuldb.com/?submit.711713
reference_id ?submit.711713
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
3
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
4
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
5
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
6
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
7
value LOW
scoring_system generic_textual
scoring_elements
8
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T20:06:05Z/
url https://vuldb.com/?submit.711713
fixed_packages
0
url pkg:pypi/mayan-edms@4.6.12
purl pkg:pypi/mayan-edms@4.6.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-tjeg-gs3c-skb9
1
vulnerability VCID-zhby-a265-ubf5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@4.6.12
1
url pkg:pypi/mayan-edms@4.7.8
purl pkg:pypi/mayan-edms@4.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-tjeg-gs3c-skb9
1
vulnerability VCID-zhby-a265-ubf5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@4.7.8
2
url pkg:pypi/mayan-edms@4.8.10
purl pkg:pypi/mayan-edms@4.8.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-tjeg-gs3c-skb9
1
vulnerability VCID-zhby-a265-ubf5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@4.8.10
3
url pkg:pypi/mayan-edms@4.9.7
purl pkg:pypi/mayan-edms@4.9.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-tjeg-gs3c-skb9
1
vulnerability VCID-zhby-a265-ubf5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@4.9.7
4
url pkg:pypi/mayan-edms@4.10.2
purl pkg:pypi/mayan-edms@4.10.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@4.10.2
aliases CVE-2025-14691, GHSA-774q-r975-vqwp, PYSEC-2025-134
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tjeg-gs3c-skb9
6
url VCID-zhby-a265-ubf5
vulnerability_id VCID-zhby-a265-ubf5
summary A flaw has been found in Mayan EDMS up to 4.10.1. The impacted element is an unknown function of the file /authentication/. This manipulation causes open redirect. It is possible to initiate the attack remotely. The exploit has been published and may be used. Upgrading to version 4.10.2 is sufficient to resolve this issue. The affected component should be upgraded. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-14692
reference_id
reference_type
scores
0
value 0.00085
scoring_system epss
scoring_elements 0.24686
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-14692
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms/PYSEC-2025-135.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms/PYSEC-2025-135.yaml
2
reference_url https://gitlab.com/mayan-edms/mayan-edms
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms
3
reference_url https://gitlab.com/mayan-edms/mayan-edms/-/commit/45355cbb45a28f61f38f719112d0ff422e6dc688
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms/-/commit/45355cbb45a28f61f38f719112d0ff422e6dc688
4
reference_url https://gitlab.com/mayan-edms/mayan-edms/-/commit/94032fbe553e97b33e4e9b9e731b4fc45f9d9f91
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms/-/commit/94032fbe553e97b33e4e9b9e731b4fc45f9d9f91
5
reference_url https://gitlab.com/mayan-edms/mayan-edms/-/commit/da9de60a9b84f11d5d2c7bbf118fe696b4f6357e
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://gitlab.com/mayan-edms/mayan-edms/-/commit/da9de60a9b84f11d5d2c7bbf118fe696b4f6357e
6
reference_url https://docs.mayan-edms.com/chapters/releases/4.10.2.html
reference_id 4.10.2.html
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
3
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
5
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
6
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
7
value LOW
scoring_system generic_textual
scoring_elements
8
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T20:04:54Z/
url https://docs.mayan-edms.com/chapters/releases/4.10.2.html
7
reference_url https://docs.mayan-edms.com/chapters/releases/4.10.2.html#security
reference_id 4.10.2.html#security
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
3
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
5
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
6
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
7
value LOW
scoring_system generic_textual
scoring_elements
8
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T20:04:54Z/
url https://docs.mayan-edms.com/chapters/releases/4.10.2.html#security
8
reference_url https://vuldb.com/?ctiid.336410
reference_id ?ctiid.336410
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
3
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
5
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
6
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
7
value LOW
scoring_system generic_textual
scoring_elements
8
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T20:04:54Z/
url https://vuldb.com/?ctiid.336410
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-14692
reference_id CVE-2025-14692
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-14692
10
reference_url https://github.com/advisories/GHSA-x37w-7p52-8f49
reference_id GHSA-x37w-7p52-8f49
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x37w-7p52-8f49
11
reference_url https://vuldb.com/?id.336410
reference_id ?id.336410
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
3
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
4
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
5
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
6
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
7
value LOW
scoring_system generic_textual
scoring_elements
8
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T20:04:54Z/
url https://vuldb.com/?id.336410
12
reference_url https://github.com/ionutluca888/Mayan-EDMS-OpenRedirect-POC/tree/main
reference_id main
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
3
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
5
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
6
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
7
value LOW
scoring_system generic_textual
scoring_elements
8
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T20:04:54Z/
url https://github.com/ionutluca888/Mayan-EDMS-OpenRedirect-POC/tree/main
13
reference_url https://vuldb.com/?submit.711729
reference_id ?submit.711729
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
3
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
4
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
5
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
6
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
7
value LOW
scoring_system generic_textual
scoring_elements
8
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T20:04:54Z/
url https://vuldb.com/?submit.711729
fixed_packages
0
url pkg:pypi/mayan-edms@4.6.12
purl pkg:pypi/mayan-edms@4.6.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-tjeg-gs3c-skb9
1
vulnerability VCID-zhby-a265-ubf5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@4.6.12
1
url pkg:pypi/mayan-edms@4.7.8
purl pkg:pypi/mayan-edms@4.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-tjeg-gs3c-skb9
1
vulnerability VCID-zhby-a265-ubf5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@4.7.8
2
url pkg:pypi/mayan-edms@4.8.10
purl pkg:pypi/mayan-edms@4.8.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-tjeg-gs3c-skb9
1
vulnerability VCID-zhby-a265-ubf5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@4.8.10
3
url pkg:pypi/mayan-edms@4.9.7
purl pkg:pypi/mayan-edms@4.9.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-tjeg-gs3c-skb9
1
vulnerability VCID-zhby-a265-ubf5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@4.9.7
4
url pkg:pypi/mayan-edms@4.10.2
purl pkg:pypi/mayan-edms@4.10.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@4.10.2
aliases CVE-2025-14692, GHSA-x37w-7p52-8f49, PYSEC-2025-135
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zhby-a265-ubf5
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@3.0.1