VYPR
High severity7.1OSV Advisory· Published Jul 10, 2024· Updated Apr 15, 2026

CVE-2024-32469

CVE-2024-32469

Description

Decidim is a participatory democracy framework. The pagination feature used in searches and filters is subject to potential XSS attack through a malformed URL using the GET parameter per_page. This vulnerability is fixed in 0.27.6 and 0.28.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
decidimRubyGems
< 0.27.60.27.6
decidimRubyGems
>= 0.28.0.rc1, < 0.28.10.28.1

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.