{"url":"http://public2.vulnerablecode.io/api/packages/53709?format=json","purl":"pkg:composer/intelliants/subrion@4.1.4","type":"composer","namespace":"intelliants","name":"subrion","version":"4.1.4","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.2.0","latest_non_vulnerable_version":"4.2.2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38660?format=json","vulnerability_id":"VCID-ncdz-29ff-53fr","summary":"Cross-site Scripting\nA Cross-site scripting allows remote attackers to inject arbitrary web script or HTML via the body to `blog/add/`.","references":[{"reference_url":"https://github.com/intelliants/subrion/issues/467","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/intelliants/subrion/issues/467"},{"reference_url":"http://www.securityfocus.com/bid/99378","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/99378"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-10795","reference_id":"CVE-2017-10795","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-10795"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/53710?format=json","purl":"pkg:composer/intelliants/subrion@4.1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cr7s-r2rz-8ybh"},{"vulnerability":"VCID-tuub-vc8w-1qbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/intelliants/subrion@4.1.5"}],"aliases":["CVE-2017-10795"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ncdz-29ff-53fr"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41145?format=json","vulnerability_id":"VCID-qccc-t5b3-7uhx","summary":"Cross-site Scripting\nSubrion CMS has XSS.","references":[{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11317","reference_id":"CVE-2018-11317","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11317"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/53709?format=json","purl":"pkg:composer/intelliants/subrion@4.1.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ncdz-29ff-53fr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/intelliants/subrion@4.1.4"}],"aliases":["CVE-2018-11317"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qccc-t5b3-7uhx"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/intelliants/subrion@4.1.4"}