Lucene search
+L

4 matches found

osv
osv
added 2026/07/07 11:45 a.m.4 views

PYSEC-2026-1309 Docassemble unauthorized access through URL manipulation

Impact The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. Patches The vulnerability has been patched in version 1.4.97 of the master branch. The Docker image on docker.io has been patched...

7.5CVSS7AI score0.69486EPSS
Exploits2References6
osv
osv
added 2024/02/29 10:14 p.m.19 views

GHSA-PCFX-G2J2-F6F6 Docassemble HTML and javascript injection

Impact A user could type HTML into a field, including the field for the user's name, and then that HTML could be displayed on the screen as HTML. The HTML can also contain tags allowing JavaScript to execute on the page. Patches The vulnerability has been patched in version 1.4.97 of the master...

6.1CVSS6.2AI score0.00434EPSS
Exploits0References4
osv
osv
added 2024/02/29 10:14 p.m.15 views

GHSA-JQ57-3W7P-VWVV Docassemble unauthorized access through URL manipulation

Impact The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. Patches The vulnerability has been patched in version 1.4.97 of the master branch. The Docker image on docker.io has been patched...

7.5CVSS7.6AI score0.69486EPSS
Exploits2References4
github
github
added 2024/02/29 10:14 p.m.21 views

Docassemble unauthorized access through URL manipulation

Impact The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. Patches The vulnerability has been patched in version 1.4.97 of the master branch. The Docker image on docker.io has been patched...

7.5CVSS6.6AI score0.69486EPSS
Exploits2References4Affected Software2
Rows per page
Query Builder