VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-1qmx-g61u-g7dh

Essentials
Severities (26)
References (11)
Severity details (25)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-1qmx-g61u-g7dh
Aliases	CVE-2024-32882 GHSA-w2v8-php4-p8hc
Summary
Status	Published
Exploitability	0.5
Weighted Severity	2.7
Risk	1.4
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-280	Improper Handling of Insufficient Permissions or Privileges
CWE-281	Improper Preservation of Permissions

System	Score	Found at
epss	0.00083	https://api.first.org/data/v1/epss?cve=CVE-2024-32882
cvssv3.1	2.7	https://docs.wagtail.org/en/stable/extending/generic_views.html#modelviewset
generic_textual	LOW	https://docs.wagtail.org/en/stable/extending/generic_views.html#modelviewset
ssvc	Track	https://docs.wagtail.org/en/stable/extending/generic_views.html#modelviewset
cvssv3.1	2.7	https://docs.wagtail.org/en/stable/reference/contrib/settings.html
generic_textual	LOW	https://docs.wagtail.org/en/stable/reference/contrib/settings.html
ssvc	Track	https://docs.wagtail.org/en/stable/reference/contrib/settings.html
cvssv3.1	2.7	https://docs.wagtail.org/en/stable/reference/pages/panels.html#wagtail.admin.panels.FieldPanel.permission
generic_textual	LOW	https://docs.wagtail.org/en/stable/reference/pages/panels.html#wagtail.admin.panels.FieldPanel.permission
ssvc	Track	https://docs.wagtail.org/en/stable/reference/pages/panels.html#wagtail.admin.panels.FieldPanel.permission
cvssv3.1_qr	LOW	https://github.com/advisories/GHSA-w2v8-php4-p8hc
cvssv3.1	2.7	https://github.com/wagtail/wagtail
generic_textual	LOW	https://github.com/wagtail/wagtail
cvssv3.1	2.7	https://github.com/wagtail/wagtail/commit/ab2a5d82b4ee3c909d2456704388ccf90e367c9b
generic_textual	LOW	https://github.com/wagtail/wagtail/commit/ab2a5d82b4ee3c909d2456704388ccf90e367c9b
ssvc	Track	https://github.com/wagtail/wagtail/commit/ab2a5d82b4ee3c909d2456704388ccf90e367c9b
cvssv3.1	2.7	https://github.com/wagtail/wagtail/commit/fa0d4829f9c81eefb37cc058e2fa1b6a918741da
generic_textual	LOW	https://github.com/wagtail/wagtail/commit/fa0d4829f9c81eefb37cc058e2fa1b6a918741da
cvssv3.1	2.7	https://github.com/wagtail/wagtail/releases/tag/v6.0.3
generic_textual	LOW	https://github.com/wagtail/wagtail/releases/tag/v6.0.3
cvssv3.1	2.7	https://github.com/wagtail/wagtail/security/advisories/GHSA-w2v8-php4-p8hc
cvssv3.1_qr	LOW	https://github.com/wagtail/wagtail/security/advisories/GHSA-w2v8-php4-p8hc
generic_textual	LOW	https://github.com/wagtail/wagtail/security/advisories/GHSA-w2v8-php4-p8hc
ssvc	Track	https://github.com/wagtail/wagtail/security/advisories/GHSA-w2v8-php4-p8hc
cvssv3.1	2.7	https://nvd.nist.gov/vuln/detail/CVE-2024-32882
generic_textual	LOW	https://nvd.nist.gov/vuln/detail/CVE-2024-32882

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2024-32882
		https://docs.wagtail.org/en/stable/extending/generic_views.html#modelviewset
		https://docs.wagtail.org/en/stable/reference/contrib/settings.html
		https://docs.wagtail.org/en/stable/reference/pages/panels.html#wagtail.admin.panels.FieldPanel.permission
		https://github.com/wagtail/wagtail
		https://github.com/wagtail/wagtail/commit/ab2a5d82b4ee3c909d2456704388ccf90e367c9b
		https://github.com/wagtail/wagtail/commit/fa0d4829f9c81eefb37cc058e2fa1b6a918741da
		https://github.com/wagtail/wagtail/releases/tag/v6.0.3
CVE-2024-32882		https://nvd.nist.gov/vuln/detail/CVE-2024-32882
GHSA-w2v8-php4-p8hc		https://github.com/advisories/GHSA-w2v8-php4-p8hc
GHSA-w2v8-php4-p8hc		https://github.com/wagtail/wagtail/security/advisories/GHSA-w2v8-php4-p8hc

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N Found at https://docs.wagtail.org/en/stable/extending/generic_views.html#modelviewset

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T13:08:02Z/ Found at https://docs.wagtail.org/en/stable/extending/generic_views.html#modelviewset

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N Found at https://docs.wagtail.org/en/stable/reference/contrib/settings.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T13:08:02Z/ Found at https://docs.wagtail.org/en/stable/reference/contrib/settings.html

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N Found at https://docs.wagtail.org/en/stable/reference/pages/panels.html#wagtail.admin.panels.FieldPanel.permission

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T13:08:02Z/ Found at https://docs.wagtail.org/en/stable/reference/pages/panels.html#wagtail.admin.panels.FieldPanel.permission

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N Found at https://github.com/wagtail/wagtail

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N Found at https://github.com/wagtail/wagtail/commit/ab2a5d82b4ee3c909d2456704388ccf90e367c9b

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T13:08:02Z/ Found at https://github.com/wagtail/wagtail/commit/ab2a5d82b4ee3c909d2456704388ccf90e367c9b

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N Found at https://github.com/wagtail/wagtail/commit/fa0d4829f9c81eefb37cc058e2fa1b6a918741da

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N Found at https://github.com/wagtail/wagtail/releases/tag/v6.0.3

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N Found at https://github.com/wagtail/wagtail/security/advisories/GHSA-w2v8-php4-p8hc

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T13:08:02Z/ Found at https://github.com/wagtail/wagtail/security/advisories/GHSA-w2v8-php4-p8hc

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-32882

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.24262
EPSS Score	0.00083
Published At	May 30, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-05-30T22:39:50.112701+00:00	EPSS Importer	Import	https://epss.cyentia.com/epss_scores-current.csv.gz	38.6.0