Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-6ssf-hguz-qfhz
SummaryA vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by this issue is some unknown functionality of the file /index.php/admin of the component Article Handler. The manipulation of the argument Title leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Aliases
0
alias CVE-2024-8145
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-8145
reference_id
reference_type
scores
0
value 0.00102
scoring_system epss
scoring_elements 0.27542
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-8145
1
reference_url https://github.com/acmglz/bug2_report/blob/main/classcms_url_jump.md
reference_id classcms_url_jump.md
reference_type
scores
0
value 3.3
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:M/C:N/I:P/A:N
1
value 2.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
2
value 2.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
3
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-26T13:47:39Z/
url https://github.com/acmglz/bug2_report/blob/main/classcms_url_jump.md
2
reference_url https://vuldb.com/?ctiid.275726
reference_id ?ctiid.275726
reference_type
scores
0
value 3.3
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:M/C:N/I:P/A:N
1
value 2.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
2
value 2.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
3
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-26T13:47:39Z/
url https://vuldb.com/?ctiid.275726
3
reference_url https://vuldb.com/?id.275726
reference_id ?id.275726
reference_type
scores
0
value 3.3
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:M/C:N/I:P/A:N
1
value 2.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
2
value 2.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
3
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-26T13:47:39Z/
url https://vuldb.com/?id.275726
4
reference_url https://vuldb.com/?submit.397219
reference_id ?submit.397219
reference_type
scores
0
value 3.3
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:M/C:N/I:P/A:N
1
value 2.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
2
value 2.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
3
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-26T13:47:39Z/
url https://vuldb.com/?submit.397219
Weaknesses
0
cwe_id 80
name Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
description The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters such as <, >, and & that could be interpreted as web-scripting elements when they are sent to a downstream component that processes web pages.
Exploits
Severity_range_score2.4 - 5.1
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-6ssf-hguz-qfhz