Lucene search

CVE-2024-27095

🗓️ 10 Jul 2024 19:10:15Reported by GitHub_MType

Decidim participatory democracy framework XSS attack fix

Reporter	Title	Published	Views	Family All 8
Github Security Blog	Decidim cross-site scripting (XSS) in the admin panel	10 Jul 202416:02	–	github
Vulnrichment	CVE-2024-27095 Decidim cross-site scripting (XSS) in the admin panel	10 Jul 202419:07	–	vulnrichment
Veracode	Cross Site Scripting	11 Jul 202406:45	–	veracode
RubySec	Decidim cross-site scripting (XSS) in the admin panel	9 Jul 202421:00	–	rubygems
Cvelist	CVE-2024-27095 Decidim cross-site scripting (XSS) in the admin panel	10 Jul 202419:07	–	cvelist
NVD	CVE-2024-27095	10 Jul 202419:15	–	nvd
OSV	GHSA-529P-JJ47-W3M3 Decidim cross-site scripting (XSS) in the admin panel	10 Jul 202416:02	–	osv
OSV	CVE-2024-27095	10 Jul 202419:15	–	osv

Nvd

Vulners

Node

decidim decidimRange<0.27.6ruby

decidim decidimMatch0.28.0-ruby

decidim decidimMatch0.28.0rc1ruby

decidim decidimMatch0.28.0rc2ruby

decidim decidimMatch0.28.0rc3ruby

decidim decidimMatch0.28.0rc4ruby

decidim decidimMatch0.28.0rc5ruby

[
  {
    "vendor": "decidim",
    "product": "decidim",
    "versions": [
      {
        "version": "< 0.27.6",
        "status": "affected"
      },
      {
        "version": ">= 0.28.0.rc1, < 0.28.1",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/decidim/decidim/security/advisories/GHSA-529p-jj47-w3m3
github	www.github.com/decidim/decidim/releases/tag/v0.28.1
github	www.github.com/decidim/decidim/releases/tag/v0.27.6

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Jul 2024 19:15Current

4.8Medium risk

Vulners AI Score4.8

CVSS34.8 - 5.4

EPSS0.00053

SSVC

CWE-79