Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-j5vp-2jrx-ukf4
Summary
Magento Open Source allows Cross-Site Scripting (XSS)
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into every admin page. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field, that could be leveraged to gain admin access.
Aliases
0
alias CVE-2024-20719
1
alias GHSA-264g-f7v8-q5qq
Fixed_packages
0
url pkg:composer/magento/community-edition@2.4.4-p7
purl pkg:composer/magento/community-edition@2.4.4-p7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p7
1
url pkg:composer/magento/community-edition@2.4.5-p6
purl pkg:composer/magento/community-edition@2.4.5-p6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p6
2
url pkg:composer/magento/community-edition@2.4.6-p4
purl pkg:composer/magento/community-edition@2.4.6-p4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p4
Affected_packages
0
url pkg:composer/magento/community-edition@2.4.4-p1
purl pkg:composer/magento/community-edition@2.4.4-p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7ewa-w75h-qfdy
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-d2ab-j8bf-e7dx
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-hh8a-mgkk-3yb5
12
vulnerability VCID-j124-q39m-mkby
13
vulnerability VCID-j5vp-2jrx-ukf4
14
vulnerability VCID-jhd5-tqph-3ufu
15
vulnerability VCID-kxnm-y19k-mqg2
16
vulnerability VCID-m83v-51cy-uqar
17
vulnerability VCID-msac-ptqf-pyg1
18
vulnerability VCID-mtr5-suag-2bdj
19
vulnerability VCID-p222-28c1-vfhy
20
vulnerability VCID-qfw5-3tdu-x7g4
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-upcj-z3c1-ubcf
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p1
1
url pkg:composer/magento/community-edition@2.4.4
purl pkg:composer/magento/community-edition@2.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7ewa-w75h-qfdy
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-d2ab-j8bf-e7dx
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-hh8a-mgkk-3yb5
12
vulnerability VCID-j124-q39m-mkby
13
vulnerability VCID-j5vp-2jrx-ukf4
14
vulnerability VCID-jhd5-tqph-3ufu
15
vulnerability VCID-kxnm-y19k-mqg2
16
vulnerability VCID-m83v-51cy-uqar
17
vulnerability VCID-msac-ptqf-pyg1
18
vulnerability VCID-mtr5-suag-2bdj
19
vulnerability VCID-p222-28c1-vfhy
20
vulnerability VCID-qfw5-3tdu-x7g4
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-upcj-z3c1-ubcf
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4
2
url pkg:composer/magento/community-edition@2.4.5-p1
purl pkg:composer/magento/community-edition@2.4.5-p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7ewa-w75h-qfdy
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-d2ab-j8bf-e7dx
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-hh8a-mgkk-3yb5
12
vulnerability VCID-j124-q39m-mkby
13
vulnerability VCID-j5vp-2jrx-ukf4
14
vulnerability VCID-jhd5-tqph-3ufu
15
vulnerability VCID-kxnm-y19k-mqg2
16
vulnerability VCID-m83v-51cy-uqar
17
vulnerability VCID-msac-ptqf-pyg1
18
vulnerability VCID-mtr5-suag-2bdj
19
vulnerability VCID-p222-28c1-vfhy
20
vulnerability VCID-qfw5-3tdu-x7g4
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-upcj-z3c1-ubcf
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p1
3
url pkg:composer/magento/community-edition@2.4.5
purl pkg:composer/magento/community-edition@2.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7ewa-w75h-qfdy
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-d2ab-j8bf-e7dx
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-hh8a-mgkk-3yb5
12
vulnerability VCID-j124-q39m-mkby
13
vulnerability VCID-j5vp-2jrx-ukf4
14
vulnerability VCID-jhd5-tqph-3ufu
15
vulnerability VCID-kxnm-y19k-mqg2
16
vulnerability VCID-m83v-51cy-uqar
17
vulnerability VCID-msac-ptqf-pyg1
18
vulnerability VCID-mtr5-suag-2bdj
19
vulnerability VCID-p222-28c1-vfhy
20
vulnerability VCID-qfw5-3tdu-x7g4
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-upcj-z3c1-ubcf
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5
4
url pkg:composer/magento/community-edition@2.4.6-p1
purl pkg:composer/magento/community-edition@2.4.6-p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-b4jg-dj1a-9qd5
1
vulnerability VCID-cgwk-hn4t-n7c1
2
vulnerability VCID-j124-q39m-mkby
3
vulnerability VCID-j5vp-2jrx-ukf4
4
vulnerability VCID-jhd5-tqph-3ufu
5
vulnerability VCID-kxnm-y19k-mqg2
6
vulnerability VCID-m83v-51cy-uqar
7
vulnerability VCID-msac-ptqf-pyg1
8
vulnerability VCID-p222-28c1-vfhy
9
vulnerability VCID-qfw5-3tdu-x7g4
10
vulnerability VCID-r7nh-arcj-8fb3
11
vulnerability VCID-rbjk-3gcs-2qb5
12
vulnerability VCID-rf6p-ct86-5bgz
13
vulnerability VCID-ruru-fwmn-5kes
14
vulnerability VCID-s5e2-d6n8-kkbr
15
vulnerability VCID-w3zd-fezc-nuhd
16
vulnerability VCID-y4r1-yr69-uuf6
17
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p1
5
url pkg:composer/magento/community-edition@2.4.6
purl pkg:composer/magento/community-edition@2.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7s7e-adr6-h3dc
4
vulnerability VCID-az2w-5xhy-5fe4
5
vulnerability VCID-b4jg-dj1a-9qd5
6
vulnerability VCID-cafy-5dd8-rudj
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-dj5a-35gt-u7dn
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-j124-q39m-mkby
12
vulnerability VCID-j5vp-2jrx-ukf4
13
vulnerability VCID-jhd5-tqph-3ufu
14
vulnerability VCID-kxnm-y19k-mqg2
15
vulnerability VCID-m83v-51cy-uqar
16
vulnerability VCID-msac-ptqf-pyg1
17
vulnerability VCID-mtr5-suag-2bdj
18
vulnerability VCID-p222-28c1-vfhy
19
vulnerability VCID-qfw5-3tdu-x7g4
20
vulnerability VCID-qrwc-3gsb-zkfy
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-th7y-aj51-mbaj
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-yyq6-dvyx-3bb9
34
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6
6
url pkg:composer/magento/project-community-edition@2.0.2
purl pkg:composer/magento/project-community-edition@2.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-36ve-7wxt-z7fz
2
vulnerability VCID-3et4-3zad-1qfn
3
vulnerability VCID-525q-afzj-tkcp
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-b5hn-f1qk-z7cu
8
vulnerability VCID-cafy-5dd8-rudj
9
vulnerability VCID-cgwk-hn4t-n7c1
10
vulnerability VCID-d2ab-j8bf-e7dx
11
vulnerability VCID-dj5a-35gt-u7dn
12
vulnerability VCID-dx43-89w9-a7dg
13
vulnerability VCID-fzam-yuyg-qyd5
14
vulnerability VCID-hh8a-mgkk-3yb5
15
vulnerability VCID-j124-q39m-mkby
16
vulnerability VCID-j5vp-2jrx-ukf4
17
vulnerability VCID-jhd5-tqph-3ufu
18
vulnerability VCID-kxnm-y19k-mqg2
19
vulnerability VCID-m83v-51cy-uqar
20
vulnerability VCID-msac-ptqf-pyg1
21
vulnerability VCID-mtr5-suag-2bdj
22
vulnerability VCID-nn21-hf8r-ykfd
23
vulnerability VCID-p222-28c1-vfhy
24
vulnerability VCID-qfw5-3tdu-x7g4
25
vulnerability VCID-qrwc-3gsb-zkfy
26
vulnerability VCID-r7nh-arcj-8fb3
27
vulnerability VCID-rbjk-3gcs-2qb5
28
vulnerability VCID-rf6p-ct86-5bgz
29
vulnerability VCID-ruru-fwmn-5kes
30
vulnerability VCID-s5e2-d6n8-kkbr
31
vulnerability VCID-th7y-aj51-mbaj
32
vulnerability VCID-upcj-z3c1-ubcf
33
vulnerability VCID-w3zd-fezc-nuhd
34
vulnerability VCID-wjfe-wh5k-1qft
35
vulnerability VCID-ws6y-k3tx-r3gb
36
vulnerability VCID-x46d-a16g-nkg9
37
vulnerability VCID-y4r1-yr69-uuf6
38
vulnerability VCID-y93w-2qcc-wqg8
39
vulnerability VCID-yuvf-e7hk-kqf9
40
vulnerability VCID-yyq6-dvyx-3bb9
41
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/project-community-edition@2.0.2
References
0
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
url https://github.com/magento/magento2
1
reference_url https://helpx.adobe.com/security/products/magento/apsb24-03.html
reference_id
reference_type
scores
url https://helpx.adobe.com/security/products/magento/apsb24-03.html
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-20719
reference_id CVE-2024-20719
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2024-20719
3
reference_url https://github.com/advisories/GHSA-264g-f7v8-q5qq
reference_id GHSA-264g-f7v8-q5qq
reference_type
scores
url https://github.com/advisories/GHSA-264g-f7v8-q5qq
Weaknesses
0
cwe_id 79
name Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-j5vp-2jrx-ukf4