Description
Decidim vulnerable to data disclosure through the embed feature
Impact
If an attacker can infer the slug or URL of an unpublished or private resource, and this resource can be embedded (such as a Participatory Process, an Assembly, a Proposal, a Result, etc.), then some data of this resource could be accessed.
Patches
version 0.27.6
https://github.com/decidim/decidim/commit/1756fa639ef393ca8e8bb16221cab2e2e7875705
Workarounds
Disallow access through your web server to URLs ending in /embed.html
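The workaround above expressed as web-server configuration, as an added example that is not part of the advisory or of the Decidim project; it assumes nginx (or Apache with mod_rewrite) fronting the Rails application and that `example.org` is a placeholder hostname.

```nginx
# Added example: deny every URL ending in /embed.html before it reaches Decidim.
# The regex is anchored at the end so that only the embed endpoint is affected.
server {
    listen 443 ssl;
    server_name example.org;   # placeholder hostname

    # Return 404 for any path whose last segment is embed.html
    location ~ /embed\.html$ {
        return 404;
    }

    # Everything else is proxied to the Rails application as before
    location / {
        proxy_pass http://decidim_app;
    }
}

# Apache equivalent (mod_rewrite), placed in the VirtualHost for the same effect:
#   RewriteEngine On
#   RewriteRule /embed\.html$ - [R=404,L]
```

Note that this blocks the embed endpoint for published resources as well, so embeds from third-party sites stop working until the instance is upgraded to 0.27.6.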
References
- https://github.com/decidim/decidim/security/advisories/GHSA-qcj6-vxwx-4rqv
- https://nvd.nist.gov/vuln/detail/CVE-2024-27090
- https://github.com/decidim/decidim/pull/12528
- https://github.com/decidim/decidim/commit/1756fa639ef393ca8e8bb16221cab2e2e7875705
- https://github.com/decidim/decidim/releases/tag/v0.27.6
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/decidim/CVE-2024-27090.yml
Packages
Package: decidim
Affected versions: < 0.27.6
Patched version: 0.27.6
Related vulnerabilities
Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. If an attacker can infer the slug or URL of an unpublished or private resource, and this resource can be embedded (such as a Participatory Process, an Assembly, a Proposal, a Result, etc.), then some data of this resource could be accessed. This vulnerability is fixed in 0.27.6.