Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/%40developer.notchatbot/webchat@1.3.0
Typenpm
Namespace@developer.notchatbot
Namewebchat
Version1.3.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-qe2k-u2j5-6kdp
vulnerability_id VCID-qe2k-u2j5-6kdp
summary A stored cross-site scripting (XSS) vulnerability exists in the NotChatbot WebChat widget thru 1.4.4. User-supplied input is not properly sanitized before being stored and rendered in the chat conversation history. This allows an attacker to inject arbitrary JavaScript code which is executed when the chat history is reloaded. The issue is reproducible across multiple independent implementations of the widget, indicating that the vulnerability resides in the product itself rather than in a specific website configuration.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-30048
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02362
published_at 2026-06-11T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02361
published_at 2026-06-14T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02353
published_at 2026-06-13T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02359
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-30048
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-30048
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-30048
2
reference_url https://gist.github.com/0xN4no/0601f398942a29259d217ea650f694fe
reference_id 0601f398942a29259d217ea650f694fe
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T14:25:57Z/
url https://gist.github.com/0xN4no/0601f398942a29259d217ea650f694fe
3
reference_url https://github.com/0xN4no/CVE-2026-30048
reference_id CVE-2026-30048
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T14:25:57Z/
url https://github.com/0xN4no/CVE-2026-30048
4
reference_url https://github.com/advisories/GHSA-w3vx-52j6-9fjp
reference_id GHSA-w3vx-52j6-9fjp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w3vx-52j6-9fjp
5
reference_url https://www.npmjs.com/package/@developer.notchatbot/webchat
reference_id webchat
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T14:25:57Z/
url https://www.npmjs.com/package/@developer.notchatbot/webchat
6
reference_url https://app.unpkg.com/@developer.notchatbot/webchat@1.4.4
reference_id webchat@1.4.4
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T14:25:57Z/
url https://app.unpkg.com/@developer.notchatbot/webchat@1.4.4
fixed_packages
aliases CVE-2026-30048, GHSA-w3vx-52j6-9fjp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qe2k-u2j5-6kdp
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/%2540developer.notchatbot/webchat@1.3.0