CVE-2024-45594

Published November 13th, 2024

View on NVD ↗

CVSS v3

7.7

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

Decidim is a participatory democracy framework. The meeting embeds feature used in the online or hybrid meetings is subject to potential XSS attack through a malformed URL. This vulnerability is fixed in 0.28.3 and 0.29.0.

decidim/decidim

The participatory democracy framework. A generator and multiple gems made with Ruby on Rails

GitHub

1.77K