
9 matches found

EUVD
added 2025/10/03 8:7 p.m., 7 views

EUVD-2024-0624

Malicious code in bioql PyPI...

5.7 CVSS, 5.2 AI score, 0.00313 EPSS
Exploits: 0, References: 10
RedhatCVE
added 2025/05/23 1:53 a.m., 10 views

CVE-2023-47635

Decidim is a participatory democracy framework. Starting in version 0.23.0 and prior to versions 0.27.5 and 0.28.0, the CSRF authenticity token check is disabled for the questionnaire templates preview. The issue does not imply a serious security threat as you need to have access also to the...

5.7 CVSS, 6.7 AI score, 0.00313 EPSS
Exploits: 0, References: 1
OSV
added 2024/02/20 6:3 p.m., 16 views

GHSA-F3QM-VFC3-JG6V Possible CSRF attack at questionnaire templates preview

Impact: The CSRF authenticity token check is currently disabled for the questionnaire templates preview as per: https://github.com/decidim/decidim/blob/3187bdfd40ea1c57c2c12512b09a7fec0b2bed08/decidim-templates/app/controllers/decidim/templates/admin/questionnaire_templates_controller.rb#L11 This was...

4.5 CVSS, 5.1 AI score, 0.00313 EPSS
Exploits: 0, References: 10
Github Security Blog
added 2024/02/20 6:3 p.m., 32 views

Possible CSRF attack at questionnaire templates preview

Impact: The CSRF authenticity token check is currently disabled for the questionnaire templates preview as per: https://github.com/decidim/decidim/blob/3187bdfd40ea1c57c2c12512b09a7fec0b2bed08/decidim-templates/app/controllers/decidim/templates/admin/questionnaire_templates_controller.rb#L11 This was...

5.7 CVSS, 7.2 AI score, 0.00313 EPSS
Exploits: 0, References: 10, Affected Software: 1
Cvelist
added 2024/02/20 4:45 p.m., 26 views

CVE-2023-47635 Decidim vulnerable to possible CSRF attack at questionnaire templates preview

Decidim is a participatory democracy framework. Starting in version 0.23.0 and prior to versions 0.27.5 and 0.28.0, the CSRF authenticity token check is disabled for the questionnaire templates preview. The issue does not imply a serious security threat as you need to have access also to the...

4.5 CVSS, 5 AI score, 0.00313 EPSS
Exploits: 0, References: 8
Positive Technologies
added 2024/02/20 12:0 a.m., 4 views

PT-2024-13465 · Decidim · Decidim

Name of the Vulnerable Software and Affected Versions: Decidim versions 0.23.0 through 0.27.4; Decidim versions 0.28.0 before the fix. Description: Decidim is a participatory democracy framework. The CSRF authenticity token check is disabled for the questionnaire templates preview, which may allow...

5.7 CVSS, 7.4 AI score, 0.00313 EPSS
Exploits: 0, References: 15
CNNVD
added 2024/02/20 12:0 a.m., 6 views

Decidim security breach

Decidim is a participatory democracy framework written in Ruby on Rails. A security vulnerability exists in Decidim versions 0.23.0 through 0.27.4, which stems from a possible cross-site request forgery attack in the questionnaire templates preview...

5.7 CVSS, 6.8 AI score, 0.00313 EPSS
Exploits: 0, References: 9
RubySec
added 2024/02/20 12:0 a.m., 13 views

Possible CSRF attack at questionnaire templates preview

Impact: The CSRF authenticity token check is currently disabled for the questionnaire templates preview as per: https://github.com/decidim/decidim/blob/3187bdfd40ea1c57c2c12512b09a7fec0b2bed08/decidim-templates/app/controllers/decidim/templates/admin/questionnaire_templates_controller.rb#L11 This was...

5.7 CVSS, 7.2 AI score, 0.00313 EPSS
Exploits: 0, References: 1, Affected Software: 1
Qualys Blog
added 2018/07/21 6:57 a.m., 41 views

SAQ Enables Users to Pick and Choose Questions for Custom Templates

Qualys Security Assessment Questionnaire (SAQ) has been enhanced with new features for questionnaire templates, which enable customers to choose questions that they want to include in their campaigns. The new Question Bank option in the SAQ Template Editor provides users with a repository of...

1.5 AI score
Exploits: 0