Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-qv14-m93d-jyd9
Summary
Cross-site Scripting
TYPO3 allows XSS.
Aliases
0
alias CVE-2019-12748
Fixed_packages
0
url pkg:composer/typo3/cms@8.7.27
purl pkg:composer/typo3/cms@8.7.27
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.27
1
url pkg:composer/typo3/cms@9.5.8
purl pkg:composer/typo3/cms@9.5.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.8
Affected_packages
0
url pkg:composer/typo3/cms@8.3.0
purl pkg:composer/typo3/cms@8.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-h7cg-64er-uya9
1
vulnerability VCID-qv14-m93d-jyd9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.3.0
1
url pkg:composer/typo3/cms@8.7.26
purl pkg:composer/typo3/cms@8.7.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qv14-m93d-jyd9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.26
2
url pkg:composer/typo3/cms@9.0.0
purl pkg:composer/typo3/cms@9.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-3ugj-6m1e-e3hr
2
vulnerability VCID-3ye6-vqje-abh4
3
vulnerability VCID-4eym-e6vt-8fbs
4
vulnerability VCID-4jck-w9ct-budk
5
vulnerability VCID-7ch1-q9f4-a7bt
6
vulnerability VCID-7m6u-k5tp-gkhy
7
vulnerability VCID-7xv1-78u7-xufp
8
vulnerability VCID-953t-q1cr-zyd6
9
vulnerability VCID-9adx-p876-kyb5
10
vulnerability VCID-a1g9-pyz5-9fca
11
vulnerability VCID-abjx-8v46-d7d8
12
vulnerability VCID-am6s-67bm-77dr
13
vulnerability VCID-cvk2-93hm-gkhx
14
vulnerability VCID-dsqm-9q3e-dudw
15
vulnerability VCID-emqq-kwjg-3kfk
16
vulnerability VCID-fut7-bb1f-37g7
17
vulnerability VCID-hp99-ncuh-6ugv
18
vulnerability VCID-j8hk-bqnb-gycp
19
vulnerability VCID-je4q-svfw-hqda
20
vulnerability VCID-jq5y-7h9g-mufa
21
vulnerability VCID-k5t3-28es-h3ez
22
vulnerability VCID-khpm-e1xb-hydb
23
vulnerability VCID-njsj-bwjq-fyap
24
vulnerability VCID-nney-azbc-pucg
25
vulnerability VCID-pmvp-twk2-jqe4
26
vulnerability VCID-qv14-m93d-jyd9
27
vulnerability VCID-qxab-9uwr-yqhv
28
vulnerability VCID-ru6w-m6q6-27gn
29
vulnerability VCID-sdjb-gp4t-vbgt
30
vulnerability VCID-sdsa-mh76-kqch
31
vulnerability VCID-u259-2sxq-tbct
32
vulnerability VCID-uq77-aax5-k7d8
33
vulnerability VCID-vq15-t92r-5bhx
34
vulnerability VCID-vw2r-g8yy-eyf4
35
vulnerability VCID-w1wb-mq2y-dfca
36
vulnerability VCID-x5x1-w7yv-eye9
37
vulnerability VCID-y7ds-p5r2-yuhq
38
vulnerability VCID-yz6t-ge1y-qfgr
39
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.0.0
3
url pkg:composer/typo3/cms@9.5.7
purl pkg:composer/typo3/cms@9.5.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qv14-m93d-jyd9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.7
References
0
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12748
reference_id CVE-2019-12748
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-12748
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 79
name Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-qv14-m93d-jyd9