Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
DecidimDecidim

3 matches found

CVE
CVEadded 2024/02/20 6:15 p.m.54 views

CVE-2023-48220

Decidim is a participatory democracy framework. Starting in version 0.4.rc3 and prior to version 2.0.9 of the devise_invitable gem, the invites feature allows users to accept the invitation for an unlimited amount of time through the password reset functionality. This issue creates vulnerable depen...

7.4CVSS5.6AI score0.00584EPSS
CVE
CVEadded 2024/11/13 5:15 p.m.43 views

CVE-2024-45594

Decidim is a participatory democracy framework. The meeting embeds feature used in the online or hybrid meetings is subject to potential XSS attack through a malformed URL. This vulnerability is fixed in 0.28.3 and 0.29.0.

7.7CVSS7.2AI score0.00101EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.28 views

CVE-2023-34090

Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. Decidim uses a third-party library named Ransack for filtering certain database collections (e.g., public meetings). By default,...

7.5CVSS7.4AI score0.00257EPSS