CVE-2024-27095

Published July 10th, 2024

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Decidim is a participatory democracy framework. The admin panel is subject to potential XSS attach in case the attacker manages to modify some records being uploaded to the server. This vulnerability is fixed in 0.27.6 and 0.28.1.

decidim/decidim

The participatory democracy framework. A generator and multiple gems made with Ruby on Rails

GitHub

1.77K