Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-7ewa-w75h-qfdy
Summary
Magento Open Source allows Cross-Site Scripting (XSS)
Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Aliases
0
alias CVE-2023-22249
1
alias GHSA-fxcr-gvcw-hmqm
Fixed_packages
Affected_packages
0
url pkg:composer/magento/community-edition@2.4.4-p1
purl pkg:composer/magento/community-edition@2.4.4-p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7ewa-w75h-qfdy
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-d2ab-j8bf-e7dx
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-hh8a-mgkk-3yb5
12
vulnerability VCID-j124-q39m-mkby
13
vulnerability VCID-j5vp-2jrx-ukf4
14
vulnerability VCID-jhd5-tqph-3ufu
15
vulnerability VCID-kxnm-y19k-mqg2
16
vulnerability VCID-m83v-51cy-uqar
17
vulnerability VCID-msac-ptqf-pyg1
18
vulnerability VCID-mtr5-suag-2bdj
19
vulnerability VCID-p222-28c1-vfhy
20
vulnerability VCID-qfw5-3tdu-x7g4
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-upcj-z3c1-ubcf
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p1
1
url pkg:composer/magento/community-edition@2.4.4-p2
purl pkg:composer/magento/community-edition@2.4.4-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7ewa-w75h-qfdy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p2
2
url pkg:composer/magento/community-edition@2.4.4
purl pkg:composer/magento/community-edition@2.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7ewa-w75h-qfdy
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-d2ab-j8bf-e7dx
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-hh8a-mgkk-3yb5
12
vulnerability VCID-j124-q39m-mkby
13
vulnerability VCID-j5vp-2jrx-ukf4
14
vulnerability VCID-jhd5-tqph-3ufu
15
vulnerability VCID-kxnm-y19k-mqg2
16
vulnerability VCID-m83v-51cy-uqar
17
vulnerability VCID-msac-ptqf-pyg1
18
vulnerability VCID-mtr5-suag-2bdj
19
vulnerability VCID-p222-28c1-vfhy
20
vulnerability VCID-qfw5-3tdu-x7g4
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-upcj-z3c1-ubcf
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4
3
url pkg:composer/magento/community-edition@2.4.5-p1
purl pkg:composer/magento/community-edition@2.4.5-p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7ewa-w75h-qfdy
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-d2ab-j8bf-e7dx
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-hh8a-mgkk-3yb5
12
vulnerability VCID-j124-q39m-mkby
13
vulnerability VCID-j5vp-2jrx-ukf4
14
vulnerability VCID-jhd5-tqph-3ufu
15
vulnerability VCID-kxnm-y19k-mqg2
16
vulnerability VCID-m83v-51cy-uqar
17
vulnerability VCID-msac-ptqf-pyg1
18
vulnerability VCID-mtr5-suag-2bdj
19
vulnerability VCID-p222-28c1-vfhy
20
vulnerability VCID-qfw5-3tdu-x7g4
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-upcj-z3c1-ubcf
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p1
4
url pkg:composer/magento/community-edition@2.4.5
purl pkg:composer/magento/community-edition@2.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7ewa-w75h-qfdy
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-d2ab-j8bf-e7dx
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-hh8a-mgkk-3yb5
12
vulnerability VCID-j124-q39m-mkby
13
vulnerability VCID-j5vp-2jrx-ukf4
14
vulnerability VCID-jhd5-tqph-3ufu
15
vulnerability VCID-kxnm-y19k-mqg2
16
vulnerability VCID-m83v-51cy-uqar
17
vulnerability VCID-msac-ptqf-pyg1
18
vulnerability VCID-mtr5-suag-2bdj
19
vulnerability VCID-p222-28c1-vfhy
20
vulnerability VCID-qfw5-3tdu-x7g4
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-upcj-z3c1-ubcf
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5
References
0
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
url https://github.com/magento/magento2
1
reference_url https://helpx.adobe.com/security/products/magento/apsb23-17.html
reference_id
reference_type
scores
url https://helpx.adobe.com/security/products/magento/apsb23-17.html
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-22249
reference_id CVE-2023-22249
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-22249
3
reference_url https://github.com/advisories/GHSA-fxcr-gvcw-hmqm
reference_id GHSA-fxcr-gvcw-hmqm
reference_type
scores
url https://github.com/advisories/GHSA-fxcr-gvcw-hmqm
Weaknesses
0
cwe_id 79
name Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-7ewa-w75h-qfdy