RubyGems package
devise_invitable
pkg:gem/devise_invitable
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-48220 | — | >= 0.4.rc3, < 2.0.9 | 2.0.9 | Feb 20, 2024 | Decidim is a participatory democracy framework. Starting in version 0.4.rc3 and prior to version 2.0.9 of the `devise_invitable` gem, the invites feature allows users to accept the invitation for an unlimited amount of time through the password reset functionality. This issue cre |
- CVE-2023-48220Feb 20, 2024affected >= 0.4.rc3, < 2.0.9fixed 2.0.9
Decidim is a participatory democracy framework. Starting in version 0.4.rc3 and prior to version 2.0.9 of the `devise_invitable` gem, the invites feature allows users to accept the invitation for an unlimited amount of time through the password reset functionality. This issue cre