GHSA-JM79-9PM4-VRW9 Decidim vulnerable to sensitive data disclosure
Note: added the actual report as a comment. Summary Decidim, a platform for digital citizen participation, uses a third-party library named Ransack for filtering certain database collections e.g., public meetings. By default, this library allows filtering on all data attributes and associations...