Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-m5wa-t4b7-4kex
Summary
Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, the unauthenticated JSON API accepts an altTable parameter that is stored via the setAltTable() method without validation or sanitization. This value is injected directly into a SQL FROM clause within feedGateway.cfc. An unauthenticated attacker can pass an arbitrary subquery into the altTable parameter to read sensitive data from any table in the database in a single HTTP request, including administrative credentials and password reset tokens.

This issue has been fixed in versions 7.2.10, 7.3.15, 7.4.10, and 7.5.3. As a workaround, apply validation to the setAltTable function in core/mura/content/feed/feedBean.cfc to restrict input to simple alphanumeric table names, or disable the JSON API if it is not required.
Aliases
0
alias CVE-2026-40331
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-40331
reference_id
reference_type
scores
0
value 0.00087
scoring_system epss
scoring_elements 0.2492
published_at 2026-06-11T12:55:00Z
1
value 0.00087
scoring_system epss
scoring_elements 0.2512
published_at 2026-06-12T12:55:00Z
2
value 0.00087
scoring_system epss
scoring_elements 0.25138
published_at 2026-06-13T12:55:00Z
3
value 0.00087
scoring_system epss
scoring_elements 0.25124
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-40331
1
reference_url https://github.com/MasaCMS/MasaCMS/security/advisories/GHSA-jphh-r686-6w7j
reference_id GHSA-jphh-r686-6w7j
reference_type
scores
0
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-06T12:51:04Z/
url https://github.com/MasaCMS/MasaCMS/security/advisories/GHSA-jphh-r686-6w7j
Weaknesses
0
cwe_id 89
name Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
description The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.
Exploits
Severity_range_score9.3 - 9.3
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-m5wa-t4b7-4kex