{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19501?format=json","vulnerability_id":"VCID-qnsx-aa52-fkhf","summary":"Silverstripe Missing CSRF protection in login form\nLoginForm calls disableSecurityToken(), which causes a \"shared host domain\" vulnerability: http://stackoverflow.com/a/15350123.","aliases":[{"alias":"GHSA-vj2j-6g3w-4662"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/22311?format=json","purl":"pkg:composer/silverstripe/framework@3.1.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f9j-ek3x-kbc5"},{"vulnerability":"VCID-2rbk-47h6-d7d8"},{"vulnerability":"VCID-414d-7bfm-kud7"},{"vulnerability":"VCID-4f9c-aun4-wfep"},{"vulnerability":"VCID-4x32-t75c-u3bj"},{"vulnerability":"VCID-5pkg-j4wg-7fcn"},{"vulnerability":"VCID-6du5-hdvd-fueb"},{"vulnerability":"VCID-6epx-c68d-d7bv"},{"vulnerability":"VCID-6yv4-xevb-v7b2"},{"vulnerability":"VCID-7dk3-gcup-2kc9"},{"vulnerability":"VCID-86yd-4mkt-hydr"},{"vulnerability":"VCID-8am6-aeny-ffej"},{"vulnerability":"VCID-8wbx-bvm9-jqcv"},{"vulnerability":"VCID-8zj1-kn8e-kbbn"},{"vulnerability":"VCID-a3yc-fxa1-gfhy"},{"vulnerability":"VCID-ab5z-bqka-xudb"},{"vulnerability":"VCID-ade4-h51n-3bap"},{"vulnerability":"VCID-ajga-3b99-yugh"},{"vulnerability":"VCID-axxx-gpfn-mqc9"},{"vulnerability":"VCID-bdcq-z11u-zyh5"},{"vulnerability":"VCID-c3vp-kc9a-vkhn"},{"vulnerability":"VCID-cdgj-bdpy-ukak"},{"vulnerability":"VCID-cg3k-vmk4-5kdb"},{"vulnerability":"VCID-dx5f-g875-5bct"},{"vulnerability":"VCID-eddc-w9wx-c3gq"},{"vulnerability":"VCID-enkd-4y44-4ueq"},{"vulnerability":"VCID-fpb7-5pwu-tyg5"},{"vulnerability":"VCID-fyxa-vzeq-ubeq"},{"vulnerability":"VCID-hgkh-tcdc-ufd5"},{"vulnerability":"VCID-j6ze-f76y-cqgy"},{"vulnerability":"VCID-k7bb-y315-4qb6"},{"vulnerability":"VCID-kak1-btjp-kqgz"},{"vulnerability":"VCID-kdyk-rrrr-pufw"},{"vulnerability":"VCID-kqk7-mdnd-hfc7"},{"vulnerability":"VCID-krjm-ygks-wyct"},{"vulnerability":"VCID-kvhv-9fj5-7kgk"},{"vulnerability":"VCID-kw9p-5fbc-hudg"},{"vulnerability":"VCID-kxa8-dmva-ayff"},{"vulnerability":"VCID-nt4w-m7ak-4bbx"},{"vulnerability":"VCID-p2kq-rkh6-ayeu"},{"vulnerability":"VCID-p52e-s67u-eya7"},{"vulnerability":"VCID-pq29-qe7h-tkcp"},{"vulnerability":"VCID-qm38-1cwk-b3hq"},{"vulnerability":"VCID-t17w-gcwe-eue4"},{"vulnerability":"VCID-tc2y-zrea-vyb2"},{"vulnerability":"VCID-tm1s-2m92-uyh9"},{"vulnerability":"VCID-u49v-31sv-eqc3"},{"vulnerability":"VCID-wrnm-d19b-hqby"},{"vulnerability":"VCID-ya8k-c5s5-47gx"},{"vulnerability":"VCID-yuer-yn1w-q3gw"},{"vulnerability":"VCID-z7fk-zbvh-quew"},{"vulnerability":"VCID-zxmh-xcvd-53fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.19"},{"url":"http://public2.vulnerablecode.io/api/packages/22315?format=json","purl":"pkg:composer/silverstripe/framework@3.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f9j-ek3x-kbc5"},{"vulnerability":"VCID-2rbk-47h6-d7d8"},{"vulnerability":"VCID-414d-7bfm-kud7"},{"vulnerability":"VCID-4f9c-aun4-wfep"},{"vulnerability":"VCID-4x32-t75c-u3bj"},{"vulnerability":"VCID-5pkg-j4wg-7fcn"},{"vulnerability":"VCID-6du5-hdvd-fueb"},{"vulnerability":"VCID-6epx-c68d-d7bv"},{"vulnerability":"VCID-6yv4-xevb-v7b2"},{"vulnerability":"VCID-7dk3-gcup-2kc9"},{"vulnerability":"VCID-86yd-4mkt-hydr"},{"vulnerability":"VCID-8am6-aeny-ffej"},{"vulnerability":"VCID-8wbx-bvm9-jqcv"},{"vulnerability":"VCID-8zj1-kn8e-kbbn"},{"vulnerability":"VCID-a3yc-fxa1-gfhy"},{"vulnerability":"VCID-ab5z-bqka-xudb"},{"vulnerability":"VCID-ade4-h51n-3bap"},{"vulnerability":"VCID-ajga-3b99-yugh"},{"vulnerability":"VCID-axxx-gpfn-mqc9"},{"vulnerability":"VCID-bdcq-z11u-zyh5"},{"vulnerability":"VCID-c3vp-kc9a-vkhn"},{"vulnerability":"VCID-cdgj-bdpy-ukak"},{"vulnerability":"VCID-cg3k-vmk4-5kdb"},{"vulnerability":"VCID-dx5f-g875-5bct"},{"vulnerability":"VCID-eddc-w9wx-c3gq"},{"vulnerability":"VCID-enkd-4y44-4ueq"},{"vulnerability":"VCID-fpb7-5pwu-tyg5"},{"vulnerability":"VCID-fyxa-vzeq-ubeq"},{"vulnerability":"VCID-hgkh-tcdc-ufd5"},{"vulnerability":"VCID-j6ze-f76y-cqgy"},{"vulnerability":"VCID-k7bb-y315-4qb6"},{"vulnerability":"VCID-kak1-btjp-kqgz"},{"vulnerability":"VCID-kdyk-rrrr-pufw"},{"vulnerability":"VCID-kqk7-mdnd-hfc7"},{"vulnerability":"VCID-krjm-ygks-wyct"},{"vulnerability":"VCID-kvhv-9fj5-7kgk"},{"vulnerability":"VCID-kw9p-5fbc-hudg"},{"vulnerability":"VCID-kxa8-dmva-ayff"},{"vulnerability":"VCID-nt4w-m7ak-4bbx"},{"vulnerability":"VCID-p2kq-rkh6-ayeu"},{"vulnerability":"VCID-p52e-s67u-eya7"},{"vulnerability":"VCID-pq29-qe7h-tkcp"},{"vulnerability":"VCID-qm38-1cwk-b3hq"},{"vulnerability":"VCID-tc2y-zrea-vyb2"},{"vulnerability":"VCID-tm1s-2m92-uyh9"},{"vulnerability":"VCID-u49v-31sv-eqc3"},{"vulnerability":"VCID-wrnm-d19b-hqby"},{"vulnerability":"VCID-ya8k-c5s5-47gx"},{"vulnerability":"VCID-yuer-yn1w-q3gw"},{"vulnerability":"VCID-z7fk-zbvh-quew"},{"vulnerability":"VCID-zxmh-xcvd-53fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.2.4"},{"url":"http://public2.vulnerablecode.io/api/packages/22319?format=json","purl":"pkg:composer/silverstripe/framework@3.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f9j-ek3x-kbc5"},{"vulnerability":"VCID-2rbk-47h6-d7d8"},{"vulnerability":"VCID-414d-7bfm-kud7"},{"vulnerability":"VCID-4f9c-aun4-wfep"},{"vulnerability":"VCID-4fez-w6cm-rkf5"},{"vulnerability":"VCID-4x32-t75c-u3bj"},{"vulnerability":"VCID-5pkg-j4wg-7fcn"},{"vulnerability":"VCID-6du5-hdvd-fueb"},{"vulnerability":"VCID-6epx-c68d-d7bv"},{"vulnerability":"VCID-6yv4-xevb-v7b2"},{"vulnerability":"VCID-7dk3-gcup-2kc9"},{"vulnerability":"VCID-86yd-4mkt-hydr"},{"vulnerability":"VCID-8am6-aeny-ffej"},{"vulnerability":"VCID-8wbx-bvm9-jqcv"},{"vulnerability":"VCID-8zj1-kn8e-kbbn"},{"vulnerability":"VCID-a3yc-fxa1-gfhy"},{"vulnerability":"VCID-ab5z-bqka-xudb"},{"vulnerability":"VCID-ade4-h51n-3bap"},{"vulnerability":"VCID-ajga-3b99-yugh"},{"vulnerability":"VCID-axxx-gpfn-mqc9"},{"vulnerability":"VCID-bdcq-z11u-zyh5"},{"vulnerability":"VCID-c3vp-kc9a-vkhn"},{"vulnerability":"VCID-cdgj-bdpy-ukak"},{"vulnerability":"VCID-cg3k-vmk4-5kdb"},{"vulnerability":"VCID-dx5f-g875-5bct"},{"vulnerability":"VCID-eddc-w9wx-c3gq"},{"vulnerability":"VCID-enkd-4y44-4ueq"},{"vulnerability":"VCID-fpb7-5pwu-tyg5"},{"vulnerability":"VCID-fyxa-vzeq-ubeq"},{"vulnerability":"VCID-hgkh-tcdc-ufd5"},{"vulnerability":"VCID-j6ze-f76y-cqgy"},{"vulnerability":"VCID-k7bb-y315-4qb6"},{"vulnerability":"VCID-kak1-btjp-kqgz"},{"vulnerability":"VCID-kdyk-rrrr-pufw"},{"vulnerability":"VCID-kqk7-mdnd-hfc7"},{"vulnerability":"VCID-krjm-ygks-wyct"},{"vulnerability":"VCID-kvhv-9fj5-7kgk"},{"vulnerability":"VCID-kw9p-5fbc-hudg"},{"vulnerability":"VCID-kxa8-dmva-ayff"},{"vulnerability":"VCID-nt4w-m7ak-4bbx"},{"vulnerability":"VCID-p2kq-rkh6-ayeu"},{"vulnerability":"VCID-p52e-s67u-eya7"},{"vulnerability":"VCID-pq29-qe7h-tkcp"},{"vulnerability":"VCID-qm38-1cwk-b3hq"},{"vulnerability":"VCID-tc2y-zrea-vyb2"},{"vulnerability":"VCID-tm1s-2m92-uyh9"},{"vulnerability":"VCID-u49v-31sv-eqc3"},{"vulnerability":"VCID-vtva-utdn-jkce"},{"vulnerability":"VCID-wrnm-d19b-hqby"},{"vulnerability":"VCID-ya8k-c5s5-47gx"},{"vulnerability":"VCID-yuer-yn1w-q3gw"},{"vulnerability":"VCID-z7fk-zbvh-quew"},{"vulnerability":"VCID-zxmh-xcvd-53fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.3.2"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/145585?format=json","purl":"pkg:composer/silverstripe/framework@3.1.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mh2-7nc4-pqg2"},{"vulnerability":"VCID-2f9j-ek3x-kbc5"},{"vulnerability":"VCID-2rbk-47h6-d7d8"},{"vulnerability":"VCID-414d-7bfm-kud7"},{"vulnerability":"VCID-4f9c-aun4-wfep"},{"vulnerability":"VCID-4x32-t75c-u3bj"},{"vulnerability":"VCID-5pkg-j4wg-7fcn"},{"vulnerability":"VCID-6du5-hdvd-fueb"},{"vulnerability":"VCID-6epx-c68d-d7bv"},{"vulnerability":"VCID-6j2p-tzvx-9bdj"},{"vulnerability":"VCID-7dk3-gcup-2kc9"},{"vulnerability":"VCID-86yd-4mkt-hydr"},{"vulnerability":"VCID-8wbx-bvm9-jqcv"},{"vulnerability":"VCID-a3yc-fxa1-gfhy"},{"vulnerability":"VCID-ab5z-bqka-xudb"},{"vulnerability":"VCID-ajga-3b99-yugh"},{"vulnerability":"VCID-axxx-gpfn-mqc9"},{"vulnerability":"VCID-bdcq-z11u-zyh5"},{"vulnerability":"VCID-c3vp-kc9a-vkhn"},{"vulnerability":"VCID-cdgj-bdpy-ukak"},{"vulnerability":"VCID-cg3k-vmk4-5kdb"},{"vulnerability":"VCID-dgn7-zmwr-u3c6"},{"vulnerability":"VCID-dx5f-g875-5bct"},{"vulnerability":"VCID-eddc-w9wx-c3gq"},{"vulnerability":"VCID-edex-qc8j-xfhn"},{"vulnerability":"VCID-enkd-4y44-4ueq"},{"vulnerability":"VCID-fpb7-5pwu-tyg5"},{"vulnerability":"VCID-fyxa-vzeq-ubeq"},{"vulnerability":"VCID-hgkh-tcdc-ufd5"},{"vulnerability":"VCID-j6ze-f76y-cqgy"},{"vulnerability":"VCID-k7bb-y315-4qb6"},{"vulnerability":"VCID-kak1-btjp-kqgz"},{"vulnerability":"VCID-kdyk-rrrr-pufw"},{"vulnerability":"VCID-kqk7-mdnd-hfc7"},{"vulnerability":"VCID-krjm-ygks-wyct"},{"vulnerability":"VCID-kvhv-9fj5-7kgk"},{"vulnerability":"VCID-kw9p-5fbc-hudg"},{"vulnerability":"VCID-kxa8-dmva-ayff"},{"vulnerability":"VCID-p2kq-rkh6-ayeu"},{"vulnerability":"VCID-p52e-s67u-eya7"},{"vulnerability":"VCID-pq29-qe7h-tkcp"},{"vulnerability":"VCID-qm38-1cwk-b3hq"},{"vulnerability":"VCID-qnsx-aa52-fkhf"},{"vulnerability":"VCID-t17w-gcwe-eue4"},{"vulnerability":"VCID-tc2y-zrea-vyb2"},{"vulnerability":"VCID-tm1s-2m92-uyh9"},{"vulnerability":"VCID-tuwu-cznx-jqdb"},{"vulnerability":"VCID-u49v-31sv-eqc3"},{"vulnerability":"VCID-wazt-hn99-qkdk"},{"vulnerability":"VCID-wrnm-d19b-hqby"},{"vulnerability":"VCID-ya8k-c5s5-47gx"},{"vulnerability":"VCID-yuer-yn1w-q3gw"},{"vulnerability":"VCID-z7fk-zbvh-quew"},{"vulnerability":"VCID-zgy5-8cgd-gqhm"},{"vulnerability":"VCID-zxmh-xcvd-53fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.18"},{"url":"http://public2.vulnerablecode.io/api/packages/22313?format=json","purl":"pkg:composer/silverstripe/framework@3.1.19-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mh2-7nc4-pqg2"},{"vulnerability":"VCID-2f9j-ek3x-kbc5"},{"vulnerability":"VCID-2rbk-47h6-d7d8"},{"vulnerability":"VCID-414d-7bfm-kud7"},{"vulnerability":"VCID-4f9c-aun4-wfep"},{"vulnerability":"VCID-4x32-t75c-u3bj"},{"vulnerability":"VCID-5pkg-j4wg-7fcn"},{"vulnerability":"VCID-6du5-hdvd-fueb"},{"vulnerability":"VCID-6epx-c68d-d7bv"},{"vulnerability":"VCID-6yv4-xevb-v7b2"},{"vulnerability":"VCID-7dk3-gcup-2kc9"},{"vulnerability":"VCID-86yd-4mkt-hydr"},{"vulnerability":"VCID-8am6-aeny-ffej"},{"vulnerability":"VCID-8wbx-bvm9-jqcv"},{"vulnerability":"VCID-8zj1-kn8e-kbbn"},{"vulnerability":"VCID-a3yc-fxa1-gfhy"},{"vulnerability":"VCID-ab5z-bqka-xudb"},{"vulnerability":"VCID-ade4-h51n-3bap"},{"vulnerability":"VCID-ajga-3b99-yugh"},{"vulnerability":"VCID-axxx-gpfn-mqc9"},{"vulnerability":"VCID-bdcq-z11u-zyh5"},{"vulnerability":"VCID-c3vp-kc9a-vkhn"},{"vulnerability":"VCID-cdgj-bdpy-ukak"},{"vulnerability":"VCID-cg3k-vmk4-5kdb"},{"vulnerability":"VCID-dx5f-g875-5bct"},{"vulnerability":"VCID-eddc-w9wx-c3gq"},{"vulnerability":"VCID-edex-qc8j-xfhn"},{"vulnerability":"VCID-enkd-4y44-4ueq"},{"vulnerability":"VCID-fpb7-5pwu-tyg5"},{"vulnerability":"VCID-fyxa-vzeq-ubeq"},{"vulnerability":"VCID-hgkh-tcdc-ufd5"},{"vulnerability":"VCID-j6ze-f76y-cqgy"},{"vulnerability":"VCID-k7bb-y315-4qb6"},{"vulnerability":"VCID-kak1-btjp-kqgz"},{"vulnerability":"VCID-kdyk-rrrr-pufw"},{"vulnerability":"VCID-kqk7-mdnd-hfc7"},{"vulnerability":"VCID-krjm-ygks-wyct"},{"vulnerability":"VCID-kvhv-9fj5-7kgk"},{"vulnerability":"VCID-kw9p-5fbc-hudg"},{"vulnerability":"VCID-kxa8-dmva-ayff"},{"vulnerability":"VCID-nt4w-m7ak-4bbx"},{"vulnerability":"VCID-p2kq-rkh6-ayeu"},{"vulnerability":"VCID-p52e-s67u-eya7"},{"vulnerability":"VCID-pq29-qe7h-tkcp"},{"vulnerability":"VCID-qm38-1cwk-b3hq"},{"vulnerability":"VCID-qnsx-aa52-fkhf"},{"vulnerability":"VCID-t17w-gcwe-eue4"},{"vulnerability":"VCID-tc2y-zrea-vyb2"},{"vulnerability":"VCID-tm1s-2m92-uyh9"},{"vulnerability":"VCID-u49v-31sv-eqc3"},{"vulnerability":"VCID-wrnm-d19b-hqby"},{"vulnerability":"VCID-ya8k-c5s5-47gx"},{"vulnerability":"VCID-yuer-yn1w-q3gw"},{"vulnerability":"VCID-z7fk-zbvh-quew"},{"vulnerability":"VCID-zxmh-xcvd-53fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.1.19-rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/145586?format=json","purl":"pkg:composer/silverstripe/framework@3.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mh2-7nc4-pqg2"},{"vulnerability":"VCID-2f9j-ek3x-kbc5"},{"vulnerability":"VCID-2rbk-47h6-d7d8"},{"vulnerability":"VCID-414d-7bfm-kud7"},{"vulnerability":"VCID-4f9c-aun4-wfep"},{"vulnerability":"VCID-4x32-t75c-u3bj"},{"vulnerability":"VCID-5pkg-j4wg-7fcn"},{"vulnerability":"VCID-6du5-hdvd-fueb"},{"vulnerability":"VCID-6epx-c68d-d7bv"},{"vulnerability":"VCID-6j2p-tzvx-9bdj"},{"vulnerability":"VCID-7dk3-gcup-2kc9"},{"vulnerability":"VCID-86yd-4mkt-hydr"},{"vulnerability":"VCID-8wbx-bvm9-jqcv"},{"vulnerability":"VCID-a3yc-fxa1-gfhy"},{"vulnerability":"VCID-ab5z-bqka-xudb"},{"vulnerability":"VCID-ajga-3b99-yugh"},{"vulnerability":"VCID-axxx-gpfn-mqc9"},{"vulnerability":"VCID-bdcq-z11u-zyh5"},{"vulnerability":"VCID-c3vp-kc9a-vkhn"},{"vulnerability":"VCID-cdgj-bdpy-ukak"},{"vulnerability":"VCID-cg3k-vmk4-5kdb"},{"vulnerability":"VCID-dgn7-zmwr-u3c6"},{"vulnerability":"VCID-dx5f-g875-5bct"},{"vulnerability":"VCID-eddc-w9wx-c3gq"},{"vulnerability":"VCID-edex-qc8j-xfhn"},{"vulnerability":"VCID-enkd-4y44-4ueq"},{"vulnerability":"VCID-fpb7-5pwu-tyg5"},{"vulnerability":"VCID-fyxa-vzeq-ubeq"},{"vulnerability":"VCID-hgkh-tcdc-ufd5"},{"vulnerability":"VCID-j6ze-f76y-cqgy"},{"vulnerability":"VCID-k7bb-y315-4qb6"},{"vulnerability":"VCID-kak1-btjp-kqgz"},{"vulnerability":"VCID-kdyk-rrrr-pufw"},{"vulnerability":"VCID-krjm-ygks-wyct"},{"vulnerability":"VCID-kvhv-9fj5-7kgk"},{"vulnerability":"VCID-kw9p-5fbc-hudg"},{"vulnerability":"VCID-kxa8-dmva-ayff"},{"vulnerability":"VCID-p2kq-rkh6-ayeu"},{"vulnerability":"VCID-p52e-s67u-eya7"},{"vulnerability":"VCID-pq29-qe7h-tkcp"},{"vulnerability":"VCID-qm38-1cwk-b3hq"},{"vulnerability":"VCID-qnsx-aa52-fkhf"},{"vulnerability":"VCID-tc2y-zrea-vyb2"},{"vulnerability":"VCID-tm1s-2m92-uyh9"},{"vulnerability":"VCID-tuwu-cznx-jqdb"},{"vulnerability":"VCID-u49v-31sv-eqc3"},{"vulnerability":"VCID-wazt-hn99-qkdk"},{"vulnerability":"VCID-wrnm-d19b-hqby"},{"vulnerability":"VCID-ya8k-c5s5-47gx"},{"vulnerability":"VCID-yuer-yn1w-q3gw"},{"vulnerability":"VCID-z7fk-zbvh-quew"},{"vulnerability":"VCID-zgy5-8cgd-gqhm"},{"vulnerability":"VCID-zxmh-xcvd-53fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/22317?format=json","purl":"pkg:composer/silverstripe/framework@3.2.4-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mh2-7nc4-pqg2"},{"vulnerability":"VCID-2f9j-ek3x-kbc5"},{"vulnerability":"VCID-2rbk-47h6-d7d8"},{"vulnerability":"VCID-414d-7bfm-kud7"},{"vulnerability":"VCID-4f9c-aun4-wfep"},{"vulnerability":"VCID-4x32-t75c-u3bj"},{"vulnerability":"VCID-5pkg-j4wg-7fcn"},{"vulnerability":"VCID-6du5-hdvd-fueb"},{"vulnerability":"VCID-6epx-c68d-d7bv"},{"vulnerability":"VCID-6yv4-xevb-v7b2"},{"vulnerability":"VCID-7dk3-gcup-2kc9"},{"vulnerability":"VCID-86yd-4mkt-hydr"},{"vulnerability":"VCID-8am6-aeny-ffej"},{"vulnerability":"VCID-8wbx-bvm9-jqcv"},{"vulnerability":"VCID-8zj1-kn8e-kbbn"},{"vulnerability":"VCID-a3yc-fxa1-gfhy"},{"vulnerability":"VCID-ab5z-bqka-xudb"},{"vulnerability":"VCID-ade4-h51n-3bap"},{"vulnerability":"VCID-ajga-3b99-yugh"},{"vulnerability":"VCID-axxx-gpfn-mqc9"},{"vulnerability":"VCID-bdcq-z11u-zyh5"},{"vulnerability":"VCID-c3vp-kc9a-vkhn"},{"vulnerability":"VCID-cdgj-bdpy-ukak"},{"vulnerability":"VCID-cg3k-vmk4-5kdb"},{"vulnerability":"VCID-dx5f-g875-5bct"},{"vulnerability":"VCID-eddc-w9wx-c3gq"},{"vulnerability":"VCID-edex-qc8j-xfhn"},{"vulnerability":"VCID-enkd-4y44-4ueq"},{"vulnerability":"VCID-fpb7-5pwu-tyg5"},{"vulnerability":"VCID-fyxa-vzeq-ubeq"},{"vulnerability":"VCID-hgkh-tcdc-ufd5"},{"vulnerability":"VCID-j6ze-f76y-cqgy"},{"vulnerability":"VCID-k7bb-y315-4qb6"},{"vulnerability":"VCID-kak1-btjp-kqgz"},{"vulnerability":"VCID-kdyk-rrrr-pufw"},{"vulnerability":"VCID-kqk7-mdnd-hfc7"},{"vulnerability":"VCID-krjm-ygks-wyct"},{"vulnerability":"VCID-kvhv-9fj5-7kgk"},{"vulnerability":"VCID-kw9p-5fbc-hudg"},{"vulnerability":"VCID-kxa8-dmva-ayff"},{"vulnerability":"VCID-nt4w-m7ak-4bbx"},{"vulnerability":"VCID-p2kq-rkh6-ayeu"},{"vulnerability":"VCID-p52e-s67u-eya7"},{"vulnerability":"VCID-pq29-qe7h-tkcp"},{"vulnerability":"VCID-qm38-1cwk-b3hq"},{"vulnerability":"VCID-qnsx-aa52-fkhf"},{"vulnerability":"VCID-tc2y-zrea-vyb2"},{"vulnerability":"VCID-tm1s-2m92-uyh9"},{"vulnerability":"VCID-u49v-31sv-eqc3"},{"vulnerability":"VCID-wrnm-d19b-hqby"},{"vulnerability":"VCID-ya8k-c5s5-47gx"},{"vulnerability":"VCID-yuer-yn1w-q3gw"},{"vulnerability":"VCID-z7fk-zbvh-quew"},{"vulnerability":"VCID-zxmh-xcvd-53fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.2.4-rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/145584?format=json","purl":"pkg:composer/silverstripe/framework@3.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mh2-7nc4-pqg2"},{"vulnerability":"VCID-2f9j-ek3x-kbc5"},{"vulnerability":"VCID-2rbk-47h6-d7d8"},{"vulnerability":"VCID-414d-7bfm-kud7"},{"vulnerability":"VCID-4f9c-aun4-wfep"},{"vulnerability":"VCID-4x32-t75c-u3bj"},{"vulnerability":"VCID-5pkg-j4wg-7fcn"},{"vulnerability":"VCID-6du5-hdvd-fueb"},{"vulnerability":"VCID-6epx-c68d-d7bv"},{"vulnerability":"VCID-6j2p-tzvx-9bdj"},{"vulnerability":"VCID-7dk3-gcup-2kc9"},{"vulnerability":"VCID-86yd-4mkt-hydr"},{"vulnerability":"VCID-8wbx-bvm9-jqcv"},{"vulnerability":"VCID-a3yc-fxa1-gfhy"},{"vulnerability":"VCID-ab5z-bqka-xudb"},{"vulnerability":"VCID-ajga-3b99-yugh"},{"vulnerability":"VCID-axxx-gpfn-mqc9"},{"vulnerability":"VCID-bdcq-z11u-zyh5"},{"vulnerability":"VCID-c3vp-kc9a-vkhn"},{"vulnerability":"VCID-cdgj-bdpy-ukak"},{"vulnerability":"VCID-cg3k-vmk4-5kdb"},{"vulnerability":"VCID-dgn7-zmwr-u3c6"},{"vulnerability":"VCID-dx5f-g875-5bct"},{"vulnerability":"VCID-eddc-w9wx-c3gq"},{"vulnerability":"VCID-edex-qc8j-xfhn"},{"vulnerability":"VCID-enkd-4y44-4ueq"},{"vulnerability":"VCID-fpb7-5pwu-tyg5"},{"vulnerability":"VCID-fyxa-vzeq-ubeq"},{"vulnerability":"VCID-hgkh-tcdc-ufd5"},{"vulnerability":"VCID-j6ze-f76y-cqgy"},{"vulnerability":"VCID-k7bb-y315-4qb6"},{"vulnerability":"VCID-kak1-btjp-kqgz"},{"vulnerability":"VCID-kdyk-rrrr-pufw"},{"vulnerability":"VCID-krjm-ygks-wyct"},{"vulnerability":"VCID-kvhv-9fj5-7kgk"},{"vulnerability":"VCID-kw9p-5fbc-hudg"},{"vulnerability":"VCID-kxa8-dmva-ayff"},{"vulnerability":"VCID-p2kq-rkh6-ayeu"},{"vulnerability":"VCID-p52e-s67u-eya7"},{"vulnerability":"VCID-pq29-qe7h-tkcp"},{"vulnerability":"VCID-qm38-1cwk-b3hq"},{"vulnerability":"VCID-qnsx-aa52-fkhf"},{"vulnerability":"VCID-tc2y-zrea-vyb2"},{"vulnerability":"VCID-tm1s-2m92-uyh9"},{"vulnerability":"VCID-tuwu-cznx-jqdb"},{"vulnerability":"VCID-u49v-31sv-eqc3"},{"vulnerability":"VCID-vtva-utdn-jkce"},{"vulnerability":"VCID-wazt-hn99-qkdk"},{"vulnerability":"VCID-wrnm-d19b-hqby"},{"vulnerability":"VCID-ya8k-c5s5-47gx"},{"vulnerability":"VCID-yuer-yn1w-q3gw"},{"vulnerability":"VCID-z7fk-zbvh-quew"},{"vulnerability":"VCID-zgy5-8cgd-gqhm"},{"vulnerability":"VCID-zxmh-xcvd-53fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/22320?format=json","purl":"pkg:composer/silverstripe/framework@3.3.2-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mh2-7nc4-pqg2"},{"vulnerability":"VCID-2f9j-ek3x-kbc5"},{"vulnerability":"VCID-2rbk-47h6-d7d8"},{"vulnerability":"VCID-414d-7bfm-kud7"},{"vulnerability":"VCID-4f9c-aun4-wfep"},{"vulnerability":"VCID-4x32-t75c-u3bj"},{"vulnerability":"VCID-5pkg-j4wg-7fcn"},{"vulnerability":"VCID-6du5-hdvd-fueb"},{"vulnerability":"VCID-6epx-c68d-d7bv"},{"vulnerability":"VCID-6yv4-xevb-v7b2"},{"vulnerability":"VCID-7dk3-gcup-2kc9"},{"vulnerability":"VCID-86yd-4mkt-hydr"},{"vulnerability":"VCID-8am6-aeny-ffej"},{"vulnerability":"VCID-8wbx-bvm9-jqcv"},{"vulnerability":"VCID-8zj1-kn8e-kbbn"},{"vulnerability":"VCID-a3yc-fxa1-gfhy"},{"vulnerability":"VCID-ab5z-bqka-xudb"},{"vulnerability":"VCID-ade4-h51n-3bap"},{"vulnerability":"VCID-ajga-3b99-yugh"},{"vulnerability":"VCID-axxx-gpfn-mqc9"},{"vulnerability":"VCID-bdcq-z11u-zyh5"},{"vulnerability":"VCID-c3vp-kc9a-vkhn"},{"vulnerability":"VCID-cdgj-bdpy-ukak"},{"vulnerability":"VCID-cg3k-vmk4-5kdb"},{"vulnerability":"VCID-dx5f-g875-5bct"},{"vulnerability":"VCID-eddc-w9wx-c3gq"},{"vulnerability":"VCID-edex-qc8j-xfhn"},{"vulnerability":"VCID-enkd-4y44-4ueq"},{"vulnerability":"VCID-fpb7-5pwu-tyg5"},{"vulnerability":"VCID-fyxa-vzeq-ubeq"},{"vulnerability":"VCID-hgkh-tcdc-ufd5"},{"vulnerability":"VCID-j6ze-f76y-cqgy"},{"vulnerability":"VCID-k7bb-y315-4qb6"},{"vulnerability":"VCID-kak1-btjp-kqgz"},{"vulnerability":"VCID-kdyk-rrrr-pufw"},{"vulnerability":"VCID-kqk7-mdnd-hfc7"},{"vulnerability":"VCID-krjm-ygks-wyct"},{"vulnerability":"VCID-kvhv-9fj5-7kgk"},{"vulnerability":"VCID-kw9p-5fbc-hudg"},{"vulnerability":"VCID-kxa8-dmva-ayff"},{"vulnerability":"VCID-nt4w-m7ak-4bbx"},{"vulnerability":"VCID-p2kq-rkh6-ayeu"},{"vulnerability":"VCID-p52e-s67u-eya7"},{"vulnerability":"VCID-pq29-qe7h-tkcp"},{"vulnerability":"VCID-qm38-1cwk-b3hq"},{"vulnerability":"VCID-qnsx-aa52-fkhf"},{"vulnerability":"VCID-tc2y-zrea-vyb2"},{"vulnerability":"VCID-tm1s-2m92-uyh9"},{"vulnerability":"VCID-u49v-31sv-eqc3"},{"vulnerability":"VCID-vtva-utdn-jkce"},{"vulnerability":"VCID-wrnm-d19b-hqby"},{"vulnerability":"VCID-ya8k-c5s5-47gx"},{"vulnerability":"VCID-yuer-yn1w-q3gw"},{"vulnerability":"VCID-z7fk-zbvh-quew"},{"vulnerability":"VCID-zxmh-xcvd-53fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.3.2-rc1"}],"references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2016-006-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2016-006-1.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/a6bd22ab2f3b11a054d20be13306a19089510989","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/a6bd22ab2f3b11a054d20be13306a19089510989"},{"reference_url":"https://stackoverflow.com/questions/6412813/do-login-forms-need-tokens-against-csrf-attacks/15350123#15350123","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://stackoverflow.com/questions/6412813/do-login-forms-need-tokens-against-csrf-attacks/15350123#15350123"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2016-006","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2016-006"},{"reference_url":"https://github.com/advisories/GHSA-vj2j-6g3w-4662","reference_id":"GHSA-vj2j-6g3w-4662","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vj2j-6g3w-4662"}],"weaknesses":[{"cwe_id":352,"name":"Cross-Site Request Forgery (CSRF)","description":"The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":"4.0 - 6.9","exploitability":"0.5","weighted_severity":"6.2","risk_score":3.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qnsx-aa52-fkhf"}