CVE-2023-34089

Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. The processes filter feature is susceptible to Cross-site scripting. This allows a remote attacker to execute JavaScript code in the context of a currently logged-in user. An attacker could use this vulnerability to make other users endorse or support proposals they have no intention of supporting or endorsing. The problem was patched in version 0.27.3 and 0.26.7.

CVSS v3 6.1 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://github.com/decidim/decidim/releases/tag/v0.26.6	Release Notes
https://github.com/decidim/decidim/releases/tag/v0.27.3	Release Notes
https://github.com/decidim/decidim/security/advisories/GHSA-5652-92r9-3fx9	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:decidim:decidim::::::ruby::*
	cpe:2.3:a:decidim:decidim::::::ruby::*

History

No history.

Information

Published : 2023-07-11 18:15

Updated : 2023-07-21 17:16

NVD link : CVE-2023-34089

Mitre link : CVE-2023-34089

CVE.ORG link : CVE-2023-34089

JSON object : View

Products Affected

decidim

decidim

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2023-34089", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2023-07-11T18:15:16.170", "references": [{"url": "https://github.com/decidim/decidim/releases/tag/v0.26.6", "tags": ["Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/decidim/decidim/releases/tag/v0.27.3", "tags": ["Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/decidim/decidim/security/advisories/GHSA-5652-92r9-3fx9", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. The processes filter feature is susceptible to Cross-site scripting. This allows a remote attacker to execute JavaScript code in the context of a currently logged-in user. An attacker could use this vulnerability to make other users endorse or support proposals they have no intention of supporting or endorsing. The problem was patched in version 0.27.3 and 0.26.7.\n"}], "lastModified": "2023-07-21T17:16:36.897", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:decidim:decidim:*:*:*:*:*:ruby:*:*", "vulnerable": true, "matchCriteriaId": "ED7C8457-F45C-4727-A1B0-53A12284A2D2", "versionEndExcluding": "0.26.7"}, {"criteria": "cpe:2.3:a:decidim:decidim:*:*:*:*:*:ruby:*:*", "vulnerable": true, "matchCriteriaId": "4D389308-6526-443B-8169-2732F74EFF50", "versionEndExcluding": "0.27.3", "versionStartIncluding": "0.27.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}