{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39337?format=json","vulnerability_id":"VCID-d5jf-zmr7-qqbu","summary":"Reflected Cross-Site Scripting\nMalicious input in the `highlighterId` parameter of the `clipboard.swf` component can be leveraged in a reflected XSS on hosts serving Redis Commander. Mitigating factors: Flash must be installed/enabled for this to work.","aliases":[{"alias":"GMS-2018-8"}],"fixed_packages":[],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/54918?format=json","purl":"pkg:npm/redis-commander@0.0.0-alpha","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d5jf-zmr7-qqbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/redis-commander@0.0.0-alpha"},{"url":"http://public2.vulnerablecode.io/api/packages/215641?format=json","purl":"pkg:npm/redis-commander@0.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d5jf-zmr7-qqbu"},{"vulnerability":"VCID-mf4c-4qpa-tuat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/redis-commander@0.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/215642?format=json","purl":"pkg:npm/redis-commander@0.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d5jf-zmr7-qqbu"},{"vulnerability":"VCID-mf4c-4qpa-tuat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/redis-commander@0.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/215643?format=json","purl":"pkg:npm/redis-commander@0.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d5jf-zmr7-qqbu"},{"vulnerability":"VCID-mf4c-4qpa-tuat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/redis-commander@0.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/215644?format=json","purl":"pkg:npm/redis-commander@0.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d5jf-zmr7-qqbu"},{"vulnerability":"VCID-mf4c-4qpa-tuat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/redis-commander@0.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/215645?format=json","purl":"pkg:npm/redis-commander@0.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d5jf-zmr7-qqbu"},{"vulnerability":"VCID-mf4c-4qpa-tuat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/redis-commander@0.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/215646?format=json","purl":"pkg:npm/redis-commander@0.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d5jf-zmr7-qqbu"},{"vulnerability":"VCID-mf4c-4qpa-tuat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/redis-commander@0.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/215647?format=json","purl":"pkg:npm/redis-commander@0.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d5jf-zmr7-qqbu"},{"vulnerability":"VCID-mf4c-4qpa-tuat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/redis-commander@0.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/215648?format=json","purl":"pkg:npm/redis-commander@0.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d5jf-zmr7-qqbu"},{"vulnerability":"VCID-mf4c-4qpa-tuat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/redis-commander@0.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/215649?format=json","purl":"pkg:npm/redis-commander@0.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d5jf-zmr7-qqbu"},{"vulnerability":"VCID-mf4c-4qpa-tuat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/redis-commander@0.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/215651?format=json","purl":"pkg:npm/redis-commander@0.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d5jf-zmr7-qqbu"},{"vulnerability":"VCID-mf4c-4qpa-tuat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/redis-commander@0.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/215652?format=json","purl":"pkg:npm/redis-commander@0.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d5jf-zmr7-qqbu"},{"vulnerability":"VCID-mf4c-4qpa-tuat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/redis-commander@0.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/215654?format=json","purl":"pkg:npm/redis-commander@0.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d5jf-zmr7-qqbu"},{"vulnerability":"VCID-mf4c-4qpa-tuat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/redis-commander@0.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/215656?format=json","purl":"pkg:npm/redis-commander@0.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d5jf-zmr7-qqbu"},{"vulnerability":"VCID-mf4c-4qpa-tuat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/redis-commander@0.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/215657?format=json","purl":"pkg:npm/redis-commander@0.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d5jf-zmr7-qqbu"},{"vulnerability":"VCID-mf4c-4qpa-tuat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/redis-commander@0.4.3"},{"url":"http://public2.vulnerablecode.io/api/packages/215658?format=json","purl":"pkg:npm/redis-commander@0.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d5jf-zmr7-qqbu"},{"vulnerability":"VCID-mf4c-4qpa-tuat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/redis-commander@0.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/215659?format=json","purl":"pkg:npm/redis-commander@0.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d5jf-zmr7-qqbu"},{"vulnerability":"VCID-mf4c-4qpa-tuat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/redis-commander@0.4.5"}],"references":[{"reference_url":"https://hackerone.com/reports/296377","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/296377"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":null,"exploitability":"0.5","weighted_severity":"0.0","risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d5jf-zmr7-qqbu"}