CVE-2024-32469

Published July 10th, 2024

View on NVD ↗

CVSS v3

7.1

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

Decidim is a participatory democracy framework. The pagination feature used in searches and filters is subject to potential XSS attack through a malformed URL using the GET parameter `per_page`. This vulnerability is fixed in 0.27.6 and 0.28.1.

decidim/decidim

The participatory democracy framework. A generator and multiple gems made with Ruby on Rails

GitHub

1.77K