CVE-2024-45594

Published Nov 13, 2024

Last updated 2 days ago

Overview

Description: Decidim is a participatory democracy framework. The meeting embeds feature used in the online or hybrid meetings is subject to potential XSS attack through a malformed URL. This vulnerability is fixed in 0.28.3 and 0.29.0.
Source: security-advisories@github.com
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 7.7
Impact score: 5.8
Exploitability score: 1.3
Vector string: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
Severity: HIGH

Weaknesses

security-advisories@github.com: CWE-79

Hype score: Not currently trending

CVE-2024-45594 Decidim is a participatory democracy framework. The meeting embeds feature used in the online or hybrid meetings is subject to potential XSS attack through a malforme… https://t.co/1FS4I5qSjR
@CVEnew
13 Nov 2024
315 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes

References