{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30550?format=json","vulnerability_id":"VCID-ybf8-7h5c-3bbu","summary":"XSS in URL Query String Parameter\nIn versions 2.1.0-M1 and 2.1.0-M2, swagger-ui has a cross site scripting (XSS) vulnerability in the `url` query string parameter.","aliases":[{"alias":"CVE-2016-1000239"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6598?format=json","purl":"pkg:npm/swagger-ui@2.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3hsn-22rw-7kay"},{"vulnerability":"VCID-5918-w4jq-rka8"},{"vulnerability":"VCID-byuc-dyx4-zben"},{"vulnerability":"VCID-fc6y-84x3-8bgu"},{"vulnerability":"VCID-gdhu-jxfv-k7a9"},{"vulnerability":"VCID-h64t-4k96-h7d4"},{"vulnerability":"VCID-hvuf-t6m7-fuhh"},{"vulnerability":"VCID-jkux-j1yd-47ep"},{"vulnerability":"VCID-mjr2-z5x4-e3bs"},{"vulnerability":"VCID-mpx5-7r4y-77a9"},{"vulnerability":"VCID-r28p-re5d-uya7"},{"vulnerability":"VCID-s2s9-qpgy-nffr"},{"vulnerability":"VCID-sp5n-ncjd-rkft"},{"vulnerability":"VCID-uyf1-htgj-6bdp"},{"vulnerability":"VCID-wfzu-tsmb-nqf1"},{"vulnerability":"VCID-znja-a329-yyh9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/swagger-ui@2.1.0"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6596?format=json","purl":"pkg:npm/swagger-ui@2.1.0-M1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3hsn-22rw-7kay"},{"vulnerability":"VCID-5918-w4jq-rka8"},{"vulnerability":"VCID-6xjv-drz7-tbgc"},{"vulnerability":"VCID-byuc-dyx4-zben"},{"vulnerability":"VCID-fc6y-84x3-8bgu"},{"vulnerability":"VCID-gdhu-jxfv-k7a9"},{"vulnerability":"VCID-h64t-4k96-h7d4"},{"vulnerability":"VCID-hvuf-t6m7-fuhh"},{"vulnerability":"VCID-jkux-j1yd-47ep"},{"vulnerability":"VCID-mjr2-z5x4-e3bs"},{"vulnerability":"VCID-mpx5-7r4y-77a9"},{"vulnerability":"VCID-r28p-re5d-uya7"},{"vulnerability":"VCID-s2s9-qpgy-nffr"},{"vulnerability":"VCID-sp5n-ncjd-rkft"},{"vulnerability":"VCID-uyf1-htgj-6bdp"},{"vulnerability":"VCID-wfzu-tsmb-nqf1"},{"vulnerability":"VCID-ybf8-7h5c-3bbu"},{"vulnerability":"VCID-znja-a329-yyh9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/swagger-ui@2.1.0-M1"},{"url":"http://public2.vulnerablecode.io/api/packages/6597?format=json","purl":"pkg:npm/swagger-ui@2.1.0-M2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3hsn-22rw-7kay"},{"vulnerability":"VCID-5918-w4jq-rka8"},{"vulnerability":"VCID-6xjv-drz7-tbgc"},{"vulnerability":"VCID-byuc-dyx4-zben"},{"vulnerability":"VCID-fc6y-84x3-8bgu"},{"vulnerability":"VCID-gdhu-jxfv-k7a9"},{"vulnerability":"VCID-h64t-4k96-h7d4"},{"vulnerability":"VCID-hvuf-t6m7-fuhh"},{"vulnerability":"VCID-jkux-j1yd-47ep"},{"vulnerability":"VCID-mjr2-z5x4-e3bs"},{"vulnerability":"VCID-mpx5-7r4y-77a9"},{"vulnerability":"VCID-r28p-re5d-uya7"},{"vulnerability":"VCID-s2s9-qpgy-nffr"},{"vulnerability":"VCID-sp5n-ncjd-rkft"},{"vulnerability":"VCID-uyf1-htgj-6bdp"},{"vulnerability":"VCID-wfzu-tsmb-nqf1"},{"vulnerability":"VCID-ybf8-7h5c-3bbu"},{"vulnerability":"VCID-znja-a329-yyh9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/swagger-ui@2.1.0-M2"}],"references":[{"reference_url":"https://github.com/swagger-api/swagger-ui/issues/1262","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":""}],"url":"https://github.com/swagger-api/swagger-ui/issues/1262"},{"reference_url":"https://github.com/nodejs/security-wg/blob/main/vuln/npm/137.json","reference_id":"137","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":""}],"url":"https://github.com/nodejs/security-wg/blob/main/vuln/npm/137.json"}],"weaknesses":[],"exploits":[],"severity_range_score":"9.1 - 9.1","exploitability":"0.5","weighted_severity":"8.2","risk_score":4.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ybf8-7h5c-3bbu"}