📦 Decidim

by Decidim



⚠️ Known Vulnerabilities

CVE-2023-36465

CRITICAL CVSS 9.1 Oct 6, 2023

This vulnerability in Decidim's templates module allows any authenticated user to access administrative template management functions, enabling unauthorized creation, modification, or deletion of surv...

CVE-2024-45594

HIGH CVSS 7.7 Nov 13, 2024

This Cross-Site Scripting (XSS) vulnerability in Decidim's meeting embeds feature allows attackers to inject malicious scripts through specially crafted URLs. Users who view or interact with these mal...

CVE-2023-34089

HIGH CVSS 8.1 Jul 11, 2023

CVE-2023-34089 is a cross-site scripting (XSS) vulnerability in Decidim's processes filter feature that allows remote attackers to execute JavaScript in the context of logged-in users. This could enab...

CVE-2023-32693

HIGH CVSS 8.1 Jul 11, 2023

CVE-2023-32693 is a cross-site scripting (XSS) vulnerability in Decidim's external link feature that allows remote attackers to execute JavaScript in logged-in users' browsers. This affects Decidim in...

CVE-2025-65017

MEDIUM CVSS 6.5 Feb 3, 2026

This vulnerability in Decidim's private data export feature allows UUID collisions that could lead to unauthorized access to sensitive user data. Organizations using Decidim versions 0.30.0-0.30.3 or ...

CVE-2024-32034

MEDIUM CVSS 6.8 Sep 16, 2024

This vulnerability allows cross-site scripting (XSS) attacks in Decidim's admin panel when administrators perform actions that generate activity logs containing malicious content. Attackers could exec...