Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/plone@4.0.0
Typepypi
Namespace
Nameplone
Version4.0.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.2.5
Latest_non_vulnerable_version6.0.7
Affected_by_vulnerabilities
0
url VCID-m91w-vguw-qkem
vulnerability_id VCID-m91w-vguw-qkem
summary Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
references
0
reference_url http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7138
reference_id
reference_type
scores
0
value 0.00491
scoring_system epss
scoring_elements 0.65908
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7138
2
reference_url http://seclists.org/fulldisclosure/2016/Oct/80
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2016/Oct/80
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-61.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-61.yaml
5
reference_url https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-1
6
reference_url https://web.archive.org/web/20210625091607/http://www.securityfocus.com/bid/92752
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210625091607/http://www.securityfocus.com/bid/92752
7
reference_url https://web.archive.org/web/20210625092107/http://www.securityfocus.com/archive/1/539572/100/0/threaded
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210625092107/http://www.securityfocus.com/archive/1/539572/100/0/threaded
8
reference_url http://www.openwall.com/lists/oss-security/2016/09/05/4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/09/05/4
9
reference_url http://www.openwall.com/lists/oss-security/2016/09/05/5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/09/05/5
10
reference_url http://www.securityfocus.com/archive/1/539572/100/0/threaded
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/539572/100/0/threaded
11
reference_url http://www.securityfocus.com/bid/92752
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/92752
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7138
reference_id CVE-2016-7138
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7138
13
reference_url https://github.com/advisories/GHSA-v3hp-f8qr-cf3p
reference_id GHSA-v3hp-f8qr-cf3p
reference_type
scores
url https://github.com/advisories/GHSA-v3hp-f8qr-cf3p
fixed_packages
0
url pkg:pypi/plone@4.3.12
purl pkg:pypi/plone@4.3.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-9ze6-mfrw-ukdv
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-fga8-ymex-67fw
12
vulnerability VCID-gejv-h449-13e4
13
vulnerability VCID-gsnt-c1cd-d3bf
14
vulnerability VCID-pv2n-2y41-pbg5
15
vulnerability VCID-r61f-p8nh-2bax
16
vulnerability VCID-r874-3h26-j3fp
17
vulnerability VCID-s5ab-nud4-5qdg
18
vulnerability VCID-sa7x-wvn1-skh1
19
vulnerability VCID-tfmu-7tad-xbbe
20
vulnerability VCID-wage-1bme-bkgb
21
vulnerability VCID-y2bq-cb4v-mke6
22
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12
1
url pkg:pypi/plone@5.0.7
purl pkg:pypi/plone@5.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5z33-3pqj-gygw
8
vulnerability VCID-9ze6-mfrw-ukdv
9
vulnerability VCID-c3we-w4qc-6fhs
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-dnu9-u6zt-c7ch
12
vulnerability VCID-fga8-ymex-67fw
13
vulnerability VCID-gejv-h449-13e4
14
vulnerability VCID-gsnt-c1cd-d3bf
15
vulnerability VCID-jn3b-smfx-87gg
16
vulnerability VCID-pv2n-2y41-pbg5
17
vulnerability VCID-r61f-p8nh-2bax
18
vulnerability VCID-r874-3h26-j3fp
19
vulnerability VCID-s5ab-nud4-5qdg
20
vulnerability VCID-sa7x-wvn1-skh1
21
vulnerability VCID-tfmu-7tad-xbbe
22
vulnerability VCID-wage-1bme-bkgb
23
vulnerability VCID-y2bq-cb4v-mke6
24
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7
aliases CVE-2016-7138, GHSA-v3hp-f8qr-cf3p, PYSEC-2017-61
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m91w-vguw-qkem
1
url VCID-sg6k-wdwq-9bgd
vulnerability_id VCID-sg6k-wdwq-9bgd
summary z3c.form in Plone CMS 5.x through 5.0.6 and 4.x through 4.3.11 allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted GET request.
references
0
reference_url http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7136
reference_id
reference_type
scores
0
value 0.00498
scoring_system epss
scoring_elements 0.66183
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7136
2
reference_url http://seclists.org/fulldisclosure/2016/Oct/80
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2016/Oct/80
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-59.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-59.yaml
5
reference_url https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-forms
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-forms
6
reference_url https://web.archive.org/web/20210625091607/http://www.securityfocus.com/bid/92752
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210625091607/http://www.securityfocus.com/bid/92752
7
reference_url https://web.archive.org/web/20210625092107/http://www.securityfocus.com/archive/1/539572/100/0/threaded
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210625092107/http://www.securityfocus.com/archive/1/539572/100/0/threaded
8
reference_url http://www.openwall.com/lists/oss-security/2016/09/05/4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/09/05/4
9
reference_url http://www.openwall.com/lists/oss-security/2016/09/05/5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/09/05/5
10
reference_url http://www.securityfocus.com/archive/1/539572/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/539572/100/0/threaded
11
reference_url http://www.securityfocus.com/bid/92752
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/92752
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7136
reference_id CVE-2016-7136
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7136
13
reference_url https://github.com/advisories/GHSA-22jm-p2vv-j2hc
reference_id GHSA-22jm-p2vv-j2hc
reference_type
scores
url https://github.com/advisories/GHSA-22jm-p2vv-j2hc
fixed_packages
0
url pkg:pypi/plone@4.3.12
purl pkg:pypi/plone@4.3.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-9ze6-mfrw-ukdv
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-fga8-ymex-67fw
12
vulnerability VCID-gejv-h449-13e4
13
vulnerability VCID-gsnt-c1cd-d3bf
14
vulnerability VCID-pv2n-2y41-pbg5
15
vulnerability VCID-r61f-p8nh-2bax
16
vulnerability VCID-r874-3h26-j3fp
17
vulnerability VCID-s5ab-nud4-5qdg
18
vulnerability VCID-sa7x-wvn1-skh1
19
vulnerability VCID-tfmu-7tad-xbbe
20
vulnerability VCID-wage-1bme-bkgb
21
vulnerability VCID-y2bq-cb4v-mke6
22
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12
1
url pkg:pypi/plone@5.0.7
purl pkg:pypi/plone@5.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5z33-3pqj-gygw
8
vulnerability VCID-9ze6-mfrw-ukdv
9
vulnerability VCID-c3we-w4qc-6fhs
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-dnu9-u6zt-c7ch
12
vulnerability VCID-fga8-ymex-67fw
13
vulnerability VCID-gejv-h449-13e4
14
vulnerability VCID-gsnt-c1cd-d3bf
15
vulnerability VCID-jn3b-smfx-87gg
16
vulnerability VCID-pv2n-2y41-pbg5
17
vulnerability VCID-r61f-p8nh-2bax
18
vulnerability VCID-r874-3h26-j3fp
19
vulnerability VCID-s5ab-nud4-5qdg
20
vulnerability VCID-sa7x-wvn1-skh1
21
vulnerability VCID-tfmu-7tad-xbbe
22
vulnerability VCID-wage-1bme-bkgb
23
vulnerability VCID-y2bq-cb4v-mke6
24
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7
aliases CVE-2016-7136, GHSA-22jm-p2vv-j2hc, PYSEC-2017-59
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sg6k-wdwq-9bgd
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.0