Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-dzgk-bhy3-9ued

Summary

Clickstorm SEO Allows Cross-Site Scripting (XSS)
A cross-site scripting (XSS) vulnerability has been discovered in the Clickstorm SEO extension. This vulnerabily is exploitable by a logged in backend user utilizing the TYPO3 backend user interface. This user can create output in the HTML context by exploiting improperly encoded user input. Updates 6.7.0, 7.4.0, 8.3.0 and 9.2.0 are available for download.

Aliases

alias	CVE-2025-30081

alias	GHSA-vmgw-24w6-9v82

Fixed_packages

url pkg:composer/clickstorm/cs-seo@6.7.0

purl pkg:composer/clickstorm/cs-seo@6.7.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@6.7.0

url pkg:composer/clickstorm/cs-seo@7.4.0

purl pkg:composer/clickstorm/cs-seo@7.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@7.4.0

url pkg:composer/clickstorm/cs-seo@8.3.0

purl pkg:composer/clickstorm/cs-seo@8.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@8.3.0

url pkg:composer/clickstorm/cs-seo@9.2.0

purl pkg:composer/clickstorm/cs-seo@9.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@9.2.0

Affected_packages

url pkg:composer/clickstorm/cs-seo@6.0.0

purl pkg:composer/clickstorm/cs-seo@6.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@6.0.0

url pkg:composer/clickstorm/cs-seo@6.1.0

purl pkg:composer/clickstorm/cs-seo@6.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@6.1.0

url pkg:composer/clickstorm/cs-seo@6.1.1

purl pkg:composer/clickstorm/cs-seo@6.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@6.1.1

url pkg:composer/clickstorm/cs-seo@6.2.0

purl pkg:composer/clickstorm/cs-seo@6.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@6.2.0

url pkg:composer/clickstorm/cs-seo@6.2.1

purl pkg:composer/clickstorm/cs-seo@6.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@6.2.1

url pkg:composer/clickstorm/cs-seo@6.3.0

purl pkg:composer/clickstorm/cs-seo@6.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@6.3.0

url pkg:composer/clickstorm/cs-seo@6.3.1

purl pkg:composer/clickstorm/cs-seo@6.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@6.3.1

url pkg:composer/clickstorm/cs-seo@6.3.2

purl pkg:composer/clickstorm/cs-seo@6.3.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@6.3.2

url pkg:composer/clickstorm/cs-seo@6.4.0

purl pkg:composer/clickstorm/cs-seo@6.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@6.4.0

url pkg:composer/clickstorm/cs-seo@6.4.1

purl pkg:composer/clickstorm/cs-seo@6.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@6.4.1

url pkg:composer/clickstorm/cs-seo@6.5.0

purl pkg:composer/clickstorm/cs-seo@6.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@6.5.0

url pkg:composer/clickstorm/cs-seo@6.6.0

purl pkg:composer/clickstorm/cs-seo@6.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@6.6.0

url pkg:composer/clickstorm/cs-seo@7.0.0

purl pkg:composer/clickstorm/cs-seo@7.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@7.0.0

url pkg:composer/clickstorm/cs-seo@7.0.1

purl pkg:composer/clickstorm/cs-seo@7.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@7.0.1

url pkg:composer/clickstorm/cs-seo@7.1.0

purl pkg:composer/clickstorm/cs-seo@7.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@7.1.0

url pkg:composer/clickstorm/cs-seo@7.2.0

purl pkg:composer/clickstorm/cs-seo@7.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@7.2.0

url pkg:composer/clickstorm/cs-seo@7.2.1

purl pkg:composer/clickstorm/cs-seo@7.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@7.2.1

url pkg:composer/clickstorm/cs-seo@7.3.0

purl pkg:composer/clickstorm/cs-seo@7.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@7.3.0

url pkg:composer/clickstorm/cs-seo@7.3.1

purl pkg:composer/clickstorm/cs-seo@7.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@7.3.1

url pkg:composer/clickstorm/cs-seo@7.3.2

purl pkg:composer/clickstorm/cs-seo@7.3.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@7.3.2

url pkg:composer/clickstorm/cs-seo@7.3.3

purl pkg:composer/clickstorm/cs-seo@7.3.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@7.3.3

url pkg:composer/clickstorm/cs-seo@8.0.0

purl pkg:composer/clickstorm/cs-seo@8.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@8.0.0

url pkg:composer/clickstorm/cs-seo@8.0.1

purl pkg:composer/clickstorm/cs-seo@8.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@8.0.1

url pkg:composer/clickstorm/cs-seo@8.1.0

purl pkg:composer/clickstorm/cs-seo@8.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@8.1.0

url pkg:composer/clickstorm/cs-seo@8.1.1

purl pkg:composer/clickstorm/cs-seo@8.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@8.1.1

url pkg:composer/clickstorm/cs-seo@8.1.2

purl pkg:composer/clickstorm/cs-seo@8.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@8.1.2

url pkg:composer/clickstorm/cs-seo@8.2.0

purl pkg:composer/clickstorm/cs-seo@8.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@8.2.0

url pkg:composer/clickstorm/cs-seo@8.2.1

purl pkg:composer/clickstorm/cs-seo@8.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@8.2.1

url pkg:composer/clickstorm/cs-seo@9.0.0

purl pkg:composer/clickstorm/cs-seo@9.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@9.0.0

url pkg:composer/clickstorm/cs-seo@9.0.1

purl pkg:composer/clickstorm/cs-seo@9.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@9.0.1

url pkg:composer/clickstorm/cs-seo@9.1.0

purl pkg:composer/clickstorm/cs-seo@9.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzgk-bhy3-9ued

vulnerability	VCID-ndaa-1djy-dqar

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/clickstorm/cs-seo@9.1.0

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-30081

reference_id

reference_type

scores

value	0.00558
scoring_system	epss
scoring_elements	0.68746
published_at	2026-06-12T12:55:00Z

value	0.00558
scoring_system	epss
scoring_elements	0.68755
published_at	2026-06-14T12:55:00Z

value	0.00558
scoring_system	epss
scoring_elements	0.68759
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-30081

reference_url

https://github.com/clickstorm/cs_seo

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F/RL:O/RC:C

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/clickstorm/cs_seo

reference_url

https://github.com/clickstorm/cs_seo/commit/46e15a22d52da227b110bf6e95c2bcbb2fe4f55f

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F/RL:O/RC:C

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/clickstorm/cs_seo/commit/46e15a22d52da227b110bf6e95c2bcbb2fe4f55f

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/clickstorm/cs-seo/CVE-2025-30081.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F/RL:O/RC:C

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/clickstorm/cs-seo/CVE-2025-30081.yaml

reference_url

https://typo3.org/security/advisory/typo3-ext-sa-2025-003

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F/RL:O/RC:C

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://typo3.org/security/advisory/typo3-ext-sa-2025-003

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2025-30081
reference_id	CVE-2025-30081
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2025-30081

reference_url

https://github.com/advisories/GHSA-vmgw-24w6-9v82

reference_id

GHSA-vmgw-24w6-9v82

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-vmgw-24w6-9v82

Weaknesses

cwe_id	79
name	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description	The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 4.0 - 6.9

Exploitability 0.5

Weighted_severity 6.2

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dzgk-bhy3-9ued

Vulnerability Instance