Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/decidim/decidim
The participatory democracy framework. A generator and multiple gems made with Ruby on Rails
https://github.com/decidim/decidim
Moderate
Ecosystems: rubygems
Packages: decidim-meetings
Source: github
Published: about 1 month ago
GSA_kwCzR0hTQS1qNGg2LWdjajctN3Y5ds4ABBTI
decidim-meetings Cross-site scripting vulnerability in the online or hybrid meeting embedsEcosystems: rubygems
Packages: decidim-meetings
Source: github
Published: about 1 month ago
High
Ecosystems: rubygems
Packages: decidim
Source: github
Published: 3 months ago
GSA_kwCzR0hTQS1jYzRnLW0zZzcteG13OM4AA_5i
Decidim has a cross-site scripting vulnerability in the version control pageEcosystems: rubygems
Packages: decidim
Source: github
Published: 3 months ago
Moderate
Ecosystems: rubygems
Packages: decidim
Source: github
Published: 3 months ago
GSA_kwCzR0hTQS12dnF3LWZxd3gtbXFtbc4AA_kB
Decidim::Admin vulnerable to cross-site scripting (XSS) in the admin panel with QuillJS WYSWYG editorEcosystems: rubygems
Packages: decidim
Source: github
Published: 3 months ago
Moderate
Ecosystems: rubygems
Packages: decidim-admin
Source: github
Published: 3 months ago
GSA_kwCzR0hTQS1yeDlmLTVnZ3YtNXJoNs4AA_kA
Decidim::Admin vulnerable to cross-site scripting (XSS) in the admin activity logEcosystems: rubygems
Packages: decidim-admin
Source: github
Published: 3 months ago
Moderate
Ecosystems: rubygems
Packages: decidim-admin
Source: github
Published: 5 months ago
GSA_kwCzR0hTQS01MjlwLWpqNDctdzNtM84AA9w5
Decidim cross-site scripting (XSS) in the admin panelEcosystems: rubygems
Packages: decidim-admin
Source: github
Published: 5 months ago
Moderate
Ecosystems: rubygems
Packages: decidim
Source: github
Published: 5 months ago
GSA_kwCzR0hTQS03Y3g4LTQ0cGMteHYzcc4AA9w4
Decidim cross-site scripting (XSS) in the paginationEcosystems: rubygems
Packages: decidim
Source: github
Published: 5 months ago
Moderate
Ecosystems: rubygems
Packages: decidim
Source: github
Published: 5 months ago
GSA_kwCzR0hTQS1xY2o2LXZ4d3gtNHJxds4AA9wt
Decidim vulnerable to data disclosure through the embed featureEcosystems: rubygems
Packages: decidim
Source: github
Published: 5 months ago
Moderate
Ecosystems: rubygems
Packages: decidim-core, decidim
Source: github
Published: 10 months ago
GSA_kwCzR0hTQS05dzk5LTc4cmotaG14cc4AA5Zn
Cross-site scripting (XSS) in the dynamic file uploadsEcosystems: rubygems
Packages: decidim-core, decidim
Source: github
Published: 10 months ago
Moderate
Ecosystems: rubygems
Packages: decidim-system, decidim-admin, decidim, devise_invitable
Source: github
Published: 10 months ago
GSA_kwCzR0hTQS13M3E4LW00OTItNHB3cM4AA5Zd
Possibility to circumvent the invitation token expiry periodEcosystems: rubygems
Packages: decidim-system, decidim-admin, decidim, devise_invitable
Source: github
Published: 10 months ago
Moderate
Ecosystems: rubygems
Packages: decidim-templates
Source: github
Published: 10 months ago
GSA_kwCzR0hTQS1mM3FtLXZmYzMtamc2ds4AA5ZJ
Possible CSRF attack at questionnaire templates previewEcosystems: rubygems
Packages: decidim-templates
Source: github
Published: 10 months ago
Low
Ecosystems: rubygems
Packages: decidim
Source: github
Published: 10 months ago
GSA_kwCzR0hTQS1yMjc1LWo1N2MtN21mMs4AA5ZI
Race condition in EndorsementsEcosystems: rubygems
Packages: decidim
Source: github
Published: 10 months ago
High
Ecosystems: rubygems
Packages: decidim, decidim-templates
Source: github
Published: about 1 year ago
GSA_kwCzR0hTQS02MzloLTg2aHctcWNqcc4AA2Qo
Decidim has broken access control in templatesEcosystems: rubygems
Packages: decidim, decidim-templates
Source: github
Published: about 1 year ago
Moderate
Ecosystems: rubygems
Packages: decidim-core, decidim
Source: github
Published: over 1 year ago
GSA_kwCzR0hTQS00NjloLW1xZzgtNTM1cs4AA0m3
Decidim Cross-site Scripting vulnerability in the external link redirectionsEcosystems: rubygems
Packages: decidim-core, decidim
Source: github
Published: over 1 year ago
High
Ecosystems: rubygems
Packages: decidim-core, decidim
Source: github
Published: over 1 year ago
GSA_kwCzR0hTQS01NjUyLTkycjktM2Z4Oc4AA0m4
Decidim Cross-site Scripting vulnerability in the processes filterEcosystems: rubygems
Packages: decidim-core, decidim
Source: github
Published: over 1 year ago
High
Ecosystems: rubygems
Packages: decidim-meetings, decidim
Source: github
Published: over 1 year ago
GSA_kwCzR0hTQS1qbTc5LTlwbTQtdnJ3Oc4AA0m2
Decidim vulnerable to sensitive data disclosureEcosystems: rubygems
Packages: decidim-meetings, decidim
Source: github
Published: over 1 year ago