{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35255?format=json","vulnerability_id":"VCID-5hk9-rp44-1ud3","summary":"An issue was discovered in Mayan EDMS before 3.0.2. The Appearance app sets window.location directly, leading to XSS.","aliases":[{"alias":"CVE-2018-16405"},{"alias":"GHSA-fpcv-j2q9-vqhw"},{"alias":"PYSEC-2018-106"},{"alias":"PYSEC-2018-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/11923?format=json","purl":"pkg:pypi/mayan-edms@3.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@3.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/11928?format=json","purl":"pkg:pypi/mayan-edms-ng@3.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms-ng@3.0.2"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/11879?format=json","purl":"pkg:pypi/mayan-edms@1.0rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@1.0rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/11880?format=json","purl":"pkg:pypi/mayan-edms@1.0rc2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@1.0rc2"},{"url":"http://public2.vulnerablecode.io/api/packages/11881?format=json","purl":"pkg:pypi/mayan-edms@1.0rc3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@1.0rc3"},{"url":"http://public2.vulnerablecode.io/api/packages/11882?format=json","purl":"pkg:pypi/mayan-edms@1.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@1.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/11883?format=json","purl":"pkg:pypi/mayan-edms@1.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@1.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/11884?format=json","purl":"pkg:pypi/mayan-edms@1.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@1.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11885?format=json","purl":"pkg:pypi/mayan-edms@2.0.0b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.0.0b1"},{"url":"http://public2.vulnerablecode.io/api/packages/11886?format=json","purl":"pkg:pypi/mayan-edms@2.0.0b2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.0.0b2"},{"url":"http://public2.vulnerablecode.io/api/packages/11887?format=json","purl":"pkg:pypi/mayan-edms@2.0.0rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.0.0rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/11888?format=json","purl":"pkg:pypi/mayan-edms@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/11889?format=json","purl":"pkg:pypi/mayan-edms@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11890?format=json","purl":"pkg:pypi/mayan-edms@2.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/11891?format=json","purl":"pkg:pypi/mayan-edms@2.1rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.1rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/11892?format=json","purl":"pkg:pypi/mayan-edms@2.1rc2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.1rc2"},{"url":"http://public2.vulnerablecode.io/api/packages/11893?format=json","purl":"pkg:pypi/mayan-edms@2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11894?format=json","purl":"pkg:pypi/mayan-edms@2.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11895?format=json","purl":"pkg:pypi/mayan-edms@2.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/11896?format=json","purl":"pkg:pypi/mayan-edms@2.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/11897?format=json","purl":"pkg:pypi/mayan-edms@2.1.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.1.4"},{"url":"http://public2.vulnerablecode.io/api/packages/11898?format=json","purl":"pkg:pypi/mayan-edms@2.1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.1.5"},{"url":"http://public2.vulnerablecode.io/api/packages/11899?format=json","purl":"pkg:pypi/mayan-edms@2.1.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.1.6"},{"url":"http://public2.vulnerablecode.io/api/packages/11900?format=json","purl":"pkg:pypi/mayan-edms@2.1.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.1.10"},{"url":"http://public2.vulnerablecode.io/api/packages/11901?format=json","purl":"pkg:pypi/mayan-edms@2.1.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.1.11"},{"url":"http://public2.vulnerablecode.io/api/packages/11902?format=json","purl":"pkg:pypi/mayan-edms@2.2b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.2b1"},{"url":"http://public2.vulnerablecode.io/api/packages/11903?format=json","purl":"pkg:pypi/mayan-edms@2.2b2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.2b2"},{"url":"http://public2.vulnerablecode.io/api/packages/11904?format=json","purl":"pkg:pypi/mayan-edms@2.2b3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.2b3"},{"url":"http://public2.vulnerablecode.io/api/packages/11905?format=json","purl":"pkg:pypi/mayan-edms@2.2rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.2rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/11906?format=json","purl":"pkg:pypi/mayan-edms@2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/11907?format=json","purl":"pkg:pypi/mayan-edms@2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/11908?format=json","purl":"pkg:pypi/mayan-edms@2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.4"},{"url":"http://public2.vulnerablecode.io/api/packages/11909?format=json","purl":"pkg:pypi/mayan-edms@2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.5"},{"url":"http://public2.vulnerablecode.io/api/packages/11910?format=json","purl":"pkg:pypi/mayan-edms@2.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11911?format=json","purl":"pkg:pypi/mayan-edms@2.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/11912?format=json","purl":"pkg:pypi/mayan-edms@2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/11913?format=json","purl":"pkg:pypi/mayan-edms@2.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11914?format=json","purl":"pkg:pypi/mayan-edms@2.6.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/11915?format=json","purl":"pkg:pypi/mayan-edms@2.6.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.6.3"},{"url":"http://public2.vulnerablecode.io/api/packages/11916?format=json","purl":"pkg:pypi/mayan-edms@2.6.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.6.4"},{"url":"http://public2.vulnerablecode.io/api/packages/11917?format=json","purl":"pkg:pypi/mayan-edms@2.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.7"},{"url":"http://public2.vulnerablecode.io/api/packages/11918?format=json","purl":"pkg:pypi/mayan-edms@2.7.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.7.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11919?format=json","purl":"pkg:pypi/mayan-edms@2.7.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.7.2"},{"url":"http://public2.vulnerablecode.io/api/packages/11920?format=json","purl":"pkg:pypi/mayan-edms@2.7.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@2.7.3"},{"url":"http://public2.vulnerablecode.io/api/packages/11921?format=json","purl":"pkg:pypi/mayan-edms@3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/11922?format=json","purl":"pkg:pypi/mayan-edms@3.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"},{"vulnerability":"VCID-92gn-k1jm-47fe"},{"vulnerability":"VCID-etyd-8wdw-6fg9"},{"vulnerability":"VCID-ex64-9sg9-3kdu"},{"vulnerability":"VCID-mynh-sahb-2be8"},{"vulnerability":"VCID-qc9r-2nr9-5uc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms@3.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11925?format=json","purl":"pkg:pypi/mayan-edms-ng@2.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms-ng@2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/11926?format=json","purl":"pkg:pypi/mayan-edms-ng@3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms-ng@3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/11927?format=json","purl":"pkg:pypi/mayan-edms-ng@3.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5hk9-rp44-1ud3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mayan-edms-ng@3.0.1"}],"references":[{"reference_url":"https://github.com/advisories/GHSA-fpcv-j2q9-vqhw","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fpcv-j2q9-vqhw"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms-ng/PYSEC-2018-16.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms-ng/PYSEC-2018-16.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms/PYSEC-2018-106.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms/PYSEC-2018-106.yaml"},{"reference_url":"https://gitlab.com/mayan-edms/mayan-edms","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/mayan-edms/mayan-edms"},{"reference_url":"https://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst"},{"reference_url":"https://gitlab.com/mayan-edms/mayan-edms/commit/9ebe80595afe4fdd1e2c74358d6a9421f4ce130e","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/mayan-edms/mayan-edms/commit/9ebe80595afe4fdd1e2c74358d6a9421f4ce130e"},{"reference_url":"https://gitlab.com/mayan-edms/mayan-edms/issues/494","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/mayan-edms/mayan-edms/issues/494"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16405","reference_id":"CVE-2018-16405","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16405"}],"weaknesses":[{"cwe_id":79,"name":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","description":"The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5hk9-rp44-1ud3"}