RubyGems package
decidim-meetings
pkg:gem/decidim-meetings
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-45594 | — | >= 0.28.0, < 0.28.3 | 0.28.3 | Nov 13, 2024 | Decidim is a participatory democracy framework. The meeting embeds feature used in the online or hybrid meetings is subject to potential XSS attack through a malformed URL. This vulnerability is fixed in 0.28.3 and 0.29.0. | ||
| CVE-2023-34090 | — | >= 0.27.0, < 0.27.3 | 0.27.3 | Jul 11, 2023 | Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. Decidim uses a third-party library named Ransack for filtering certain database collections (e.g., public mee |
- CVE-2024-45594Nov 13, 2024affected >= 0.28.0, < 0.28.3fixed 0.28.3
Decidim is a participatory democracy framework. The meeting embeds feature used in the online or hybrid meetings is subject to potential XSS attack through a malformed URL. This vulnerability is fixed in 0.28.3 and 0.29.0.
- CVE-2023-34090Jul 11, 2023affected >= 0.27.0, < 0.27.3fixed 0.27.3
Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. Decidim uses a third-party library named Ransack for filtering certain database collections (e.g., public mee