Lucene search

Veracode Vulnerability DatabaseVERACODE:45555

HistoryFeb 21, 2024 - 7:04 a.m.

Cross-site Scripting (XSS)

2024-02-2107:04:06

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

cross-site scripting

decidim

vulnerability

file upload

dynamic

database

attackers

malicious

6.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.5%

JSON

decidim is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper handling of file names during dynamic file uploads. This allows attackers to craft malicious file names that get stored in the database and executed when viewed by other users.

CPENameOperatorVersion
decidimle0.27.4
decidim-corele0.27.4
decidimle0.27.4
decidim-corele0.27.4

Name	Operator	Version
decidim	le	0.27.4
decidim-core	le	0.27.4
decidim	le	0.27.4
decidim-core	le	0.27.4

References

github.com/advisories/GHSA-9w99-78rj-hmxq

github.com/decidim/decidim/commit/aaf72787cf18beeeb6a771c1f7cbb7654b073423

github.com/decidim/decidim/pull/11612

github.com/decidim/decidim/releases/tag/v0.27.5

github.com/decidim/decidim/releases/tag/v0.28.0

github.com/decidim/decidim/security/advisories/GHSA-9w99-78rj-hmxq

github.com/rails/rails/blob/a967d355c6fee9ad9b8bd115d43bc8b0fc207e7e/activestorage/app/controllers/active_storage/direct_uploads_controller.rb#L14