Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, it is possible to create a URL that acts as an open redirect. The vulnerability has been patched in version 1.4.97 of the master branch.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 02 Sep 2025 13:45:00 +0000

Type Values Removed Values Added
First Time appeared Jhpyle
Jhpyle docassemble
CPEs cpe:2.3:a:jhpyle:docassemble:*:*:*:*:*:*:*:*
Vendors & Products Jhpyle
Jhpyle docassemble

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2024-08-05T17:12:17.718Z

Reserved: 2024-02-22T18:08:38.874Z

Link: CVE-2024-27291

cve-icon Vulnrichment

Updated: 2024-08-02T00:27:59.899Z

cve-icon NVD

Status : Analyzed

Published: 2024-03-21T02:52:19.343

Modified: 2025-09-02T13:39:33.873

Link: CVE-2024-27291

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.