Skip to main content

Decidim

9 CVEs product

Monthly

CVE-2025-65017 Ruby MEDIUM PATCH This Month

Decidim is a participatory democracy framework. In versions from 0.30.0 to before 0.30.4 and from 0.31.0.rc1 to before 0.31.0, the private data exports can lead to data leaks in case the UUID generation, causing collisions for the generated UUIDs. [CVSS 6.5 MEDIUM]

Information Disclosure Decidim
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2024-45594 Ruby MEDIUM PATCH This Month

Decidim is a participatory democracy framework. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Decidim
NVD GitHub
CVSS 3.1
5.4
EPSS
0.2%
CVE-2024-39910 Ruby MEDIUM PATCH This Month

decidim is a Free Open-Source participatory democracy, citizen participation and open government for cities and organizations. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Decidim
NVD GitHub
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-32034 Ruby MEDIUM PATCH This Month

decidim is a Free Open-Source participatory democracy, citizen participation and open government for cities and organizations. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Decidim
NVD GitHub
CVSS 3.1
4.8
EPSS
0.4%
CVE-2024-27095 Ruby MEDIUM PATCH This Month

Decidim is a participatory democracy framework. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Decidim
NVD GitHub
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-36465 Ruby HIGH PATCH This Week

Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Decidim
NVD GitHub
CVSS 3.1
7.1
EPSS
0.5%
CVE-2023-34090 Ruby HIGH PATCH This Week

Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Decidim
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-34089 Ruby MEDIUM PATCH This Month

Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Decidim
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2023-32693 Ruby MEDIUM PATCH This Month

Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Decidim
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Decidim is a participatory democracy framework. In versions from 0.30.0 to before 0.30.4 and from 0.31.0.rc1 to before 0.31.0, the private data exports can lead to data leaks in case the UUID generation, causing collisions for the generated UUIDs. [CVSS 6.5 MEDIUM]

Information Disclosure Decidim
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Decidim is a participatory democracy framework. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Decidim
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

decidim is a Free Open-Source participatory democracy, citizen participation and open government for cities and organizations. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Decidim
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

decidim is a Free Open-Source participatory democracy, citizen participation and open government for cities and organizations. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Decidim
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Decidim is a participatory democracy framework. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Decidim
NVD GitHub
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Decidim
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Decidim
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Decidim
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Decidim
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy