Description
Decidim is a participatory democracy framework. The admin panel is subject to a potential XSS attack if an attacker manages to modify some records being uploaded to the server. This vulnerability is fixed in 0.27.6 and 0.28.1.
Related CPEs
a
decidim
decidim
7
References
https://github.com/decidim/decidim/security/advisories/GHSA-529p-jj47-w3m3
Third Party Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 · Medium
CVSS V3.1
Information
Source identifier
Vulnerability status
Analyzed
Published
2024-07-10T19:15:10.407
Last modified
2024-08-30T12:57:40.090