{"url":"http://public2.vulnerablecode.io/api/packages/60925?format=json","purl":"pkg:composer/ssddanbrown/bookstack@22.2.3","type":"composer","namespace":"ssddanbrown","name":"bookstack","version":"22.2.3","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42605?format=json","vulnerability_id":"VCID-14eh-31ua-sfe6","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Stored in GitHub repository bookstackapp/bookstack prior to v22.02.3.","references":[{"reference_url":"https://github.com/bookstackapp/bookstack/commit/856fca8289b7370cafa033ea21c408e7d4303fd6","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/bookstackapp/bookstack/commit/856fca8289b7370cafa033ea21c408e7d4303fd6"},{"reference_url":"https://huntr.dev/bounties/b04df4e3-ae5a-4dc6-81ec-496248b15f3c","reference_id":"","reference_type":"","scores":[],"url":"https://huntr.dev/bounties/b04df4e3-ae5a-4dc6-81ec-496248b15f3c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0877","reference_id":"CVE-2022-0877","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0877"},{"reference_url":"https://github.com/advisories/GHSA-5rcc-6cmj-7728","reference_id":"GHSA-5rcc-6cmj-7728","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-5rcc-6cmj-7728"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60925?format=json","purl":"pkg:composer/ssddanbrown/bookstack@22.2.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/ssddanbrown/bookstack@22.2.3"}],"aliases":["CVE-2022-0877","GHSA-5rcc-6cmj-7728"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-14eh-31ua-sfe6"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/ssddanbrown/bookstack@22.2.3"}