Decidim is a participatory democracy framework. The admin panel is subject to potential XSS attach in case the attacker manages to modify some records being uploaded to the server. This vulnerability is fixed in 0.27.6 and 0.28.1.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Decidim |
|
Configuration 1 [-]
|
No data.
References
History
Fri, 30 Aug 2024 13:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Decidim
Decidim decidim |
|
| CPEs | cpe:2.3:a:decidim:decidim:*:*:*:*:*:ruby:*:* cpe:2.3:a:decidim:decidim:0.28.0:-:*:*:*:ruby:*:* cpe:2.3:a:decidim:decidim:0.28.0:rc1:*:*:*:ruby:*:* cpe:2.3:a:decidim:decidim:0.28.0:rc2:*:*:*:ruby:*:* cpe:2.3:a:decidim:decidim:0.28.0:rc3:*:*:*:ruby:*:* cpe:2.3:a:decidim:decidim:0.28.0:rc4:*:*:*:ruby:*:* cpe:2.3:a:decidim:decidim:0.28.0:rc5:*:*:*:ruby:*:* |
|
| Vendors & Products |
Decidim
Decidim decidim |
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-07-10T19:07:45.995Z
Updated: 2024-08-02T00:27:59.577Z
Reserved: 2024-02-19T14:43:05.993Z
Link: CVE-2024-27095
Vulnrichment
Updated: 2024-08-02T00:27:59.577Z
NVD
Status : Modified
Published: 2024-07-10T19:15:10.407
Modified: 2024-11-21T09:03:50.910
Link: CVE-2024-27095
Redhat
No data.