Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-jv2f-sjrv-qbe2
SummaryA vulnerability was found in Navetti PricePoint 4.6.0.0. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.7.0.0 is able to address this issue. It is recommended to upgrade the affected component.
Aliases
0
alias CVE-2017-20045
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-20045
reference_id
reference_type
scores
0
value 0.00131
scoring_system epss
scoring_elements 0.32408
published_at 2026-06-14T12:55:00Z
1
value 0.00131
scoring_system epss
scoring_elements 0.32228
published_at 2026-06-11T12:55:00Z
2
value 0.00131
scoring_system epss
scoring_elements 0.3241
published_at 2026-06-12T12:55:00Z
3
value 0.00131
scoring_system epss
scoring_elements 0.32429
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-20045
1
reference_url http://seclists.org/fulldisclosure/2017/Mar/24
reference_id 24
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:56:15Z/
url http://seclists.org/fulldisclosure/2017/Mar/24
2
reference_url https://vuldb.com/?id.97864
reference_id ?id.97864
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:56:15Z/
url https://vuldb.com/?id.97864
Weaknesses
0
cwe_id 352
name Cross-Site Request Forgery (CSRF)
description The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
Exploits
Severity_range_score7.3 - 7.3
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-jv2f-sjrv-qbe2