Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-gha6-g3d2-wbau
Summary
Mozilla security researcher Jesse Ruderman reported that events in the plugin handler can be manipulated by web content to bypass same-origin policy (SOP) restrictions. This can allow for clickjacking on malicious web pages.
In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products.
Aliases
0
alias CVE-2013-0747
Fixed_packages
0
url pkg:mozilla/Firefox@18.0.0
purl pkg:mozilla/Firefox@18.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@18.0.0
1
url pkg:mozilla/Firefox%20ESR@17.0.2
purl pkg:mozilla/Firefox%20ESR@17.0.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@17.0.2
2
url pkg:mozilla/SeaMonkey@2.15.0
purl pkg:mozilla/SeaMonkey@2.15.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.15.0
3
url pkg:mozilla/Thunderbird@17.0.2
purl pkg:mozilla/Thunderbird@17.0.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@17.0.2
4
url pkg:mozilla/Thunderbird%20ESR@17.0.2
purl pkg:mozilla/Thunderbird%20ESR@17.0.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird%2520ESR@17.0.2
Affected_packages
References
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0747
reference_id CVE-2013-0747
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0747
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2013-10
reference_id mfsa2013-10
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2013-10
Weaknesses
Exploits
Severity_range_score7.0 - 8.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-gha6-g3d2-wbau